Discussion:
[jira] [Created] (LOG4J2-348) Java2 Security for OSGi Bundles
Roland Weiglhofer (JIRA)
2013-08-14 07:51:47 UTC
Roland Weiglhofer created LOG4J2-348:
----------------------------------------

Summary: Java2 Security for OSGi Bundles
Key: LOG4J2-348
URL: https://issues.apache.org/jira/browse/LOG4J2-348
Project: Log4j 2
Issue Type: Improvement
Components: API, Appenders, Core, JCL Bridge, log4j 1.2 emulation
Affects Versions: 2.0
Environment: OSGi / Apache Felix 4.x
Reporter: Roland Weiglhofer
Priority: Minor
Fix For: 2.0


OSGi defines permissions for bundles. Bundles should have only those permissions that they need to function. This is very easy to implement. Just add a directory OSGI-INF in the jar and include the file permissions.perm.

Here are some examples:
(org.osgi.framework.PackagePermission "package name" "import")
(org.osgi.framework.PackagePermission "package name" "export")
(org.osgi.framework.BundlePermission "groupID.artifactID of Host" "host")
(org.osgi.framework.ServicePermission "class name" "get")
(org.osgi.framework.ServicePermission "class name" "register")
(org.osgi.service.cm.ConfigurationPermission "*" "configure")
(org.osgi.framework.AdminPermission "*" "metadata")

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
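
A build-time check for the packaging described above, added here as an example (it is not code from the issue or from Log4j): it opens a bundle JAR, confirms OSGI-INF/permissions.perm is present, validates each line against the encoded (type "name" "actions") form, and flags wildcard grants for review. The sample JAR, its org.example names, and the helper names audit_bundle and build_sample_jar are constructed for illustration.

```python
import io
import re
import zipfile

PERM_PATH = "OSGI-INF/permissions.perm"
# Encoded permission: (type "name" "actions"); name and actions are optional quoted strings.
QUOTED = r'"((?:[^"\\]|\\.)*)"'
ENCODED = re.compile(r'^\(\s*([\w.$]+)(?:\s+' + QUOTED + r'(?:\s+' + QUOTED + r')?)?\s*\)$')


def audit_bundle(jar_bytes):
    """Return (permissions, findings) for the local permissions of a bundle JAR."""
    with zipfile.ZipFile(io.BytesIO(jar_bytes)) as jar:
        if PERM_PATH not in jar.namelist():
            return [], [f"{PERM_PATH} missing: no local permissions are declared"]
        text = jar.read(PERM_PATH).decode("utf-8")
    perms, findings = [], []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith(("#", "//")):
            continue  # blank lines and comment lines carry no permission
        match = ENCODED.match(line)
        if match is None:
            findings.append(f"line {lineno}: not a valid encoded permission: {line}")
            continue
        ptype, name, actions = match.groups()
        perms.append((ptype, name, actions))
        if ptype == "java.security.AllPermission" or name == "*":
            findings.append(f"line {lineno}: broad grant, review: {line}")
    return perms, findings


def build_sample_jar():
    """Constructed sample bundle; package, class and bundle names are made up."""
    perm_file = "\n".join([
        "# constructed sample entries",
        '(org.osgi.framework.PackagePermission "org.example.logging" "import")',
        '(org.osgi.framework.ServicePermission "org.example.LogService" "get")',
        '(org.osgi.framework.BundlePermission "org.example.host" "host");',
        '(org.osgi.framework.AdminPermission * "metadata")',
        '(org.osgi.framework.PackagePermission "*" "import")',
    ])
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as jar:
        jar.writestr("META-INF/MANIFEST.MF", "Bundle-SymbolicName: org.example.bundle\n")
        jar.writestr(PERM_PATH, perm_file)
    return buf.getvalue()


if __name__ == "__main__":
    for finding in audit_bundle(build_sample_jar())[1]:
        print(finding)
```

In the sample, the trailing semicolon and the unquoted `*` are reported as malformed, and the quoted `"*"` import is parsed but flagged as a broad grant.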
Roland Weiglhofer (JIRA)
2013-08-14 08:37:47 UTC
[ https://issues.apache.org/jira/browse/LOG4J2-348?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Roland Weiglhofer updated LOG4J2-348:
-------------------------------------

Description:
OSGi defines permissions for bundles. Bundles should have only those permissions that they need to function. This is very easy to implement. Just add a directory OSGI-INF in the jar and include the file permissions.perm.

Here are some examples:
(org.osgi.framework.PackagePermission "package name" "import")
(org.osgi.framework.PackagePermission "package name" "export")
(org.osgi.framework.BundlePermission "groupID.artifactID of Host" "host")
(org.osgi.framework.ServicePermission "class name" "get")
(org.osgi.framework.ServicePermission "class name" "register")
(org.osgi.service.cm.ConfigurationPermission "*" "configure")
(org.osgi.framework.AdminPermission "*" "metadata")

pom

...
<build>
  <resources>
    <resource>
      <directory>OSGI-INF/</directory>
      <filtering>true</filtering>
      <includes>
        <include>permissions.perm</include>
      </includes>
    </resource>
  </resources>
  <plugins>
    <plugin>
      <groupId>org.apache.felix</groupId>
      <artifactId>maven-bundle-plugin</artifactId>
      ...
      <configuration>
        ...
        <instructions>
          ...
          <Include-Resource>
            {maven-resources},
            OSGI-INF/=OSGI-INF/
          </Include-Resource>
          ...
        </instructions>
        ...
      </configuration>
      ...
    </plugin>
    ...

Matt Sicker (JIRA)
2014-04-22 03:42:15 UTC
[ https://issues.apache.org/jira/browse/LOG4J2-348?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Matt Sicker reassigned LOG4J2-348:
----------------------------------

Assignee: Matt Sicker
--
This message was sent by Atlassian JIRA
(v6.2#6252)
Łukasz Dywicki (JIRA)
2014-04-22 08:49:17 UTC
[ https://issues.apache.org/jira/browse/LOG4J2-348?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13976555#comment-13976555 ]

Łukasz Dywicki commented on LOG4J2-348:
---------------------------------------

You don't need any extra entries in the maven-bundle-plugin configuration as long as you place the permission file in src/main/resources/OSGI-INF.
Remko Popma (JIRA)
2014-07-18 03:44:05 UTC
[ https://issues.apache.org/jira/browse/LOG4J2-348?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Remko Popma updated LOG4J2-348:
-------------------------------

Fix Version/s: 2.1 (was: 2.0)
Remko Popma (JIRA)
2014-09-20 06:07:33 UTC
[ https://issues.apache.org/jira/browse/LOG4J2-348?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Remko Popma updated LOG4J2-348:
-------------------------------
Fix Version/s: 2.2 (was: 2.1)