rpms/batik
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Use custom security policy files

Browse Source 
- Resolves: rhbz#1277998
This commit is contained in:
Mikolaj Izdebski 2015-11-27 11:33:27 +01:00
parent 55745d44f8
commit b00f3146be
3 changed files with 25 additions and 37 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
batik-policy.patch
View File

@ -1,34 +0,0 @@
diff -uNr batik-1.8-clean/resources/org/apache/batik/apps/rasterizer/resources/rasterizer.bin.policy batik-1.8/resources/org/apache/batik/apps/rasterizer/resources/rasterizer.bin.policy
--- batik-1.8-clean/resources/org/apache/batik/apps/rasterizer/resources/rasterizer.bin.policy 2007-09-07 14:05:13.000000000 -0400
+++ batik-1.8/resources/org/apache/batik/apps/rasterizer/resources/rasterizer.bin.policy 2007-09-12 13:36:24.000000000 -0400
@@ -30,6 +30,11 @@
permission java.security.AllPermission;
};
+//new stuff
+grant codeBase "${app.jar.base}/batik-all.jar" {
+ permission java.security.AllPermission;
+};
+
grant codeBase "${app.jar.base}/lib/batik-ext.jar" {
permission java.security.AllPermission;
};
diff -uNr batik-1.8-clean/resources/org/apache/batik/apps/svgbrowser/resources/svgbrowser.bin.policy batik-1.8/resources/org/apache/batik/apps/svgbrowser/resources/svgbrowser.bin.policy
--- batik-1.8-clean/resources/org/apache/batik/apps/svgbrowser/resources/svgbrowser.bin.policy 2007-09-07 14:05:13.000000000 -0400
+++ batik-1.8/resources/org/apache/batik/apps/svgbrowser/resources/svgbrowser.bin.policy 2007-09-12 13:36:49.000000000 -0400
@@ -34,6 +34,10 @@
permission java.security.AllPermission;
};
+grant codeBase "${app.jar.base}/batik-all.jar" {
+ permission java.security.AllPermission;
+};
+
grant codeBase "${app.jar.base}/lib/batik-ext.jar" {
permission java.security.AllPermission;
};
@@ -104,4 +108,3 @@
grant {
permission java.io.FilePermission "lib/batik-svg-dom.jar", "read";
};
-

15
batik-security.policy Normal file
View File

@ -0,0 +1,15 @@
grant codeBase "file:/usr/share/java/batik-all.jar" { permission java.security.AllPermission; };
grant codeBase "file:/usr/share/java/batik-squiggle.jar" { permission java.security.AllPermission; };
grant codeBase "file:/usr/share/java/batik-rasterizer.jar" { permission java.security.AllPermission; };
grant codeBase "file:/usr/share/java/xml-commons-apis.jar" { permission java.security.AllPermission; };
grant codeBase "file:/usr/share/java/xml-commons-apis-ext.jar" { permission java.security.AllPermission; };
grant codeBase "file:/usr/share/java/xmlgraphics-commons.jar" { permission java.security.AllPermission; };
grant codeBase "file:/usr/share/java/rhino.jar" {
permission java.lang.RuntimePermission "createClassLoader";
permission java.net.SocketPermission "*", "listen, connect, resolve, accept";
permission java.lang.RuntimePermission "accessDeclaredMembers";
permission java.util.PropertyPermission "org.mozilla.javascript.JavaAdapter", "read";
permission java.util.PropertyPermission "org.mozilla.javascript.JavaAdapterClassName", "read";
permission java.io.FilePermission "<<ALL FILES>>", "read";
};

13
batik.spec
View File

@ -1,6 +1,6 @@
Name: batik
Version: 1.8
Release: 2%{?dist}
Release: 3%{?dist}
Summary: Scalable Vector Graphics for Java
License: ASL 2.0 and W3C
URL: http://xml.apache.org/batik/
@ -23,9 +23,10 @@ Source7: %{name}-repack.sh
#
Source8: %{name}-1.7-orbit-manifests.tar.gz
Source9: %{name}-security.policy
Patch0: %{name}-manifests.patch
Patch1: %{name}-policy.patch
# remove dependency on bundled rhino from pom
Patch2: %{name}-script-remove-js.patch
@ -150,7 +151,6 @@ find -name '*.class' -exec rm -f '{}' \;
find -name '*.jar' -exec rm -f '{}' \;
#%patch0 -p1
%patch1 -p1
rm -f `find -name readOnly.png`
rm -f `find -name properties`
mkdir orbit
@ -158,6 +158,9 @@ pushd orbit
tar xzf %{SOURCE8}
popd
cp -p %{SOURCE9} resources/org/apache/batik/apps/rasterizer/resources/rasterizer.policy.ref
cp -p %{SOURCE9} resources/org/apache/batik/apps/svgbrowser/resources/svgbrowser.policy.ref
# create poms from templates
for module in anim awt-util bridge codec css dom ext extension gui-util \
gvt parser script svg-dom svggen swing transcoder util xml \
@ -326,6 +329,10 @@ chmod +x $RPM_BUILD_ROOT%{_datadir}/%{name}/contrib/charts/convert.sh
%changelog
* Fri Nov 27 2015 Mikolaj Izdebski <mizdebsk@redhat.com> - 1.8-3
- Use custom security policy files
- Resolves: rhbz#1277998
* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.8-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild