1 // permissions required by each component 2 grant codeBase "file:${java.home}/lib/ext/zipfs.jar" { 3 permission java.io.FilePermission "<<ALL FILES>>", "read,write,delete"; 4 permission java.lang.RuntimePermission "fileSystemProvider"; 5 permission java.util.PropertyPermission "*", "read"; 6 }; 7 8 grant codeBase "file:${java.home}/lib/ext/cldrdata.jar" { 9 permission java.lang.RuntimePermission "accessClassInPackage.sun.text.*"; 10 permission java.lang.RuntimePermission "accessClassInPackage.sun.util.*"; 11 permission java.util.PropertyPermission "*", "read"; 12 }; 13 14 grant codeBase "file:${java.home}/lib/ext/localedata.jar" { 15 permission java.lang.RuntimePermission "accessClassInPackage.sun.text.*"; 16 permission java.lang.RuntimePermission "accessClassInPackage.sun.util.*"; 17 permission java.util.PropertyPermission "*", "read"; 18 }; 19 20 grant codeBase "file:${java.home}/lib/ext/dnsns.jar" { 21 permission java.security.AllPermission; 22 }; 23 24 grant codeBase "file:${java.home}/lib/ext/nashorn.jar" { 25 permission java.security.AllPermission; 26 }; 27 28 grant codeBase "file:${java.home}/lib/ext/ucrypto.jar" { 29 permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*"; 30 permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.ch"; 31 permission java.lang.RuntimePermission "loadLibrary.j2ucrypto"; 32 // need "com.oracle.security.ucrypto.debug" for debugging 33 permission java.util.PropertyPermission "*", "read"; 34 permission java.security.SecurityPermission "putProviderProperty.OracleUcrypto"; 35 permission java.security.SecurityPermission "clearProviderProperties.OracleUcrypto"; 36 permission java.security.SecurityPermission "removeProviderProperty.OracleUcrypto"; 37 permission java.io.FilePermission "${java.home}/lib/security/ucrypto-solaris.cfg", "read"; 38 }; 39 40 grant codeBase "file:${java.home}/lib/ext/sunec.jar" { 41 permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*"; 42 permission java.lang.RuntimePermission "loadLibrary.sunec"; 43 permission java.util.PropertyPermission "*", "read"; 44 permission java.security.SecurityPermission "putProviderProperty.SunEC"; 45 permission java.security.SecurityPermission "clearProviderProperties.SunEC"; 46 permission java.security.SecurityPermission "removeProviderProperty.SunEC"; 47 }; 48 49 grant codeBase "file:${java.home}/lib/ext/sunjce_provider.jar" { 50 permission java.lang.RuntimePermission "accessClassInPackage.sun.misc"; 51 permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*"; 52 permission java.util.PropertyPermission "*", "read"; 53 permission java.security.SecurityPermission "putProviderProperty.SunJCE"; 54 permission java.security.SecurityPermission "clearProviderProperties.SunJCE"; 55 permission java.security.SecurityPermission "removeProviderProperty.SunJCE"; 56 }; 57 58 grant codeBase "file:${java.home}/lib/ext/sunpkcs11.jar" { 59 permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*"; 60 permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.ch"; 61 permission java.lang.RuntimePermission "loadLibrary.j2pkcs11"; 62 // needs "security.pkcs11.allowSingleThreadedModules" 63 permission java.util.PropertyPermission "*", "read"; 64 permission java.security.SecurityPermission "putProviderProperty.*"; 65 permission java.security.SecurityPermission "clearProviderProperties.*"; 66 permission java.security.SecurityPermission "removeProviderProperty.*"; 67 permission java.security.SecurityPermission "getProperty.auth.login.defaultCallbackHandler"; 68 permission java.security.SecurityPermission "authProvider.*"; 69 // Needed for reading PKCS11 config file and NSS library check 70 permission java.io.FilePermission "<<ALL FILES>>", "read"; 71 }; 72 73 // default permissions granted to all domains 74 75 grant { 76 // Allows any thread to stop itself using the java.lang.Thread.stop() 77 // method that takes no argument. 78 // Note that this permission is granted by default only to remain | 1 // permissions required by each component 2 grant codeBase "jrt:/jdk.zipfs" { 3 permission java.io.FilePermission "<<ALL FILES>>", "read,write,delete"; 4 permission java.lang.RuntimePermission "fileSystemProvider"; 5 permission java.util.PropertyPermission "*", "read"; 6 }; 7 8 grant codeBase "jrt:/jdk.localedata" { 9 permission java.lang.RuntimePermission "accessClassInPackage.sun.text.*"; 10 permission java.lang.RuntimePermission "accessClassInPackage.sun.util.*"; 11 permission java.util.PropertyPermission "*", "read"; 12 }; 13 14 grant codeBase "jrt:/jdk.naming.dns" { 15 permission java.security.AllPermission; 16 }; 17 18 grant codeBase "jrt:/jdk.scripting.nashorn" { 19 permission java.security.AllPermission; 20 }; 21 22 grant codeBase "jrt:/jdk.crypto.ucrypto" { 23 permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*"; 24 permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.ch"; 25 permission java.lang.RuntimePermission "loadLibrary.j2ucrypto"; 26 // need "com.oracle.security.ucrypto.debug" for debugging 27 permission java.util.PropertyPermission "*", "read"; 28 permission java.security.SecurityPermission "putProviderProperty.OracleUcrypto"; 29 permission java.security.SecurityPermission "clearProviderProperties.OracleUcrypto"; 30 permission java.security.SecurityPermission "removeProviderProperty.OracleUcrypto"; 31 permission java.io.FilePermission "${java.home}/conf/security/ucrypto-solaris.cfg", "read"; 32 }; 33 34 grant codeBase "jrt:/jdk.crypto.ec" { 35 permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*"; 36 permission java.lang.RuntimePermission "loadLibrary.sunec"; 37 permission java.util.PropertyPermission "*", "read"; 38 permission java.security.SecurityPermission "putProviderProperty.SunEC"; 39 permission java.security.SecurityPermission "clearProviderProperties.SunEC"; 40 permission java.security.SecurityPermission "removeProviderProperty.SunEC"; 41 }; 42 43 grant codeBase "jrt:/jdk.crypto.pkcs11" { 44 permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*"; 45 permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.ch"; 46 permission java.lang.RuntimePermission "loadLibrary.j2pkcs11"; 47 // needs "security.pkcs11.allowSingleThreadedModules" 48 permission java.util.PropertyPermission "*", "read"; 49 permission java.security.SecurityPermission "putProviderProperty.*"; 50 permission java.security.SecurityPermission "clearProviderProperties.*"; 51 permission java.security.SecurityPermission "removeProviderProperty.*"; 52 permission java.security.SecurityPermission "getProperty.auth.login.defaultCallbackHandler"; 53 permission java.security.SecurityPermission "authProvider.*"; 54 // Needed for reading PKCS11 config file and NSS library check 55 permission java.io.FilePermission "<<ALL FILES>>", "read"; 56 }; 57 58 // default permissions granted to all domains 59 60 grant { 61 // Allows any thread to stop itself using the java.lang.Thread.stop() 62 // method that takes no argument. 63 // Note that this permission is granted by default only to remain |