Some Eclipse Foundation services are deprecated, or will be soon. Please ensure you've read this important communication.
Bug 334553 - OSGi added weave action to AdminPermission
Summary: OSGi added weave action to AdminPermission
Status: RESOLVED FIXED
Alias: None
Product: Equinox
Classification: Eclipse Project
Component: Framework (show other bugs)
Version: 3.7   Edit
Hardware: All All
: P3 normal (vote)
Target Milestone: 3.7 M6   Edit
Assignee: Thomas Watson CLA
QA Contact:
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2011-01-17 12:45 EST by BJ Hargrave CLA
Modified: 2011-02-01 15:54 EST (History)
1 user (show)

See Also:


Attachments
patch (4.16 KB, patch)
2011-01-25 16:03 EST, Thomas Watson CLA
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description BJ Hargrave CLA 2011-01-17 12:45:58 EST
For weaving, OSGi has defined a weave action. To mutate a WovenClass object, the caller must have AdminPermission with the weave action for the bundle whose class is being woven.
Comment 1 BJ Hargrave CLA 2011-01-17 12:48:52 EST
WovenClassImpl needs to check the caller has the proper permission in the setBytes method. Also, the list returned by getDynamicImports must check the caller has proper permission on the mutation methods.
Comment 2 Thomas Watson CLA 2011-01-25 16:03:11 EST
Created attachment 187576 [details]
patch

Note that this patch depends on the patch in 334582 to get the new WEAVE constant from AdminPermission.
Comment 3 Thomas Watson CLA 2011-01-25 16:04:59 EST
Also note that I added the permission check to WovenClassImpl.getBytes when weaving has not completed yet since this is the actual raw byte[] that will be used to define the class and can be manipulated directly by the hook.  I opened osgi bug https://www.osgi.org/members/bugzilla/show_bug.cgi?id=1864 to clarify that this is required by the specification.
Comment 4 Thomas Watson CLA 2011-02-01 15:54:12 EST
patch released.