1 // 2 // Permissions required by modules stored in a run-time image and loaded 3 // by the platform class loader. 4 // 5 // NOTE that this file is not intended to be modified. If additional 6 // permissions need to be granted to the modules in this file, it is 7 // recommended that they be configured in a separate policy file or 8 // ${java.home}/conf/security/java.policy. 9 // 10 11 grant codeBase "jrt:/java.activation" { 12 permission java.security.AllPermission; 13 }; 14 15 grant codeBase "jrt:/java.compiler" { 16 permission java.security.AllPermission; 17 }; 18 19 grant codeBase "jrt:/java.corba" { 20 permission java.security.AllPermission; 21 }; 22 23 grant codeBase "jrt:/jdk.incubator.httpclient" { 24 }; 25 26 grant codeBase "jrt:/java.scripting" { 27 permission java.security.AllPermission; 28 }; 29 30 grant codeBase "jrt:/java.security.jgss" { 31 permission java.security.AllPermission; 32 }; 33 34 grant codeBase "jrt:/java.smartcardio" { 35 permission javax.smartcardio.CardPermission "*", "*"; 36 permission java.lang.RuntimePermission "loadLibrary.j2pcsc"; 37 permission java.lang.RuntimePermission 38 "accessClassInPackage.sun.security.jca"; 39 permission java.lang.RuntimePermission 40 "accessClassInPackage.sun.security.util"; 41 permission java.util.PropertyPermission 42 "javax.smartcardio.TerminalFactory.DefaultType", "read"; 43 permission java.util.PropertyPermission "os.name", "read"; 44 permission java.util.PropertyPermission "os.arch", "read"; 45 permission java.util.PropertyPermission "sun.arch.data.model", "read"; 46 permission java.util.PropertyPermission 47 "sun.security.smartcardio.library", "read"; 48 permission java.util.PropertyPermission 49 "sun.security.smartcardio.t0GetResponse", "read"; 50 permission java.util.PropertyPermission 51 "sun.security.smartcardio.t1GetResponse", "read"; 52 permission java.util.PropertyPermission 53 "sun.security.smartcardio.t1StripLe", "read"; 54 // needed for looking up native PC/SC library 55 permission java.io.FilePermission "<<ALL FILES>>","read"; 56 permission java.security.SecurityPermission "putProviderProperty.SunPCSC"; 57 permission java.security.SecurityPermission 58 "clearProviderProperties.SunPCSC"; 59 permission java.security.SecurityPermission 60 "removeProviderProperty.SunPCSC"; 61 }; 62 63 grant codeBase "jrt:/java.sql" { 64 permission java.security.AllPermission; 65 }; 66 67 grant codeBase "jrt:/java.sql.rowset" { 68 permission java.security.AllPermission; 69 }; 70 71 grant codeBase "jrt:/java.xml.bind" { 72 permission java.lang.RuntimePermission 73 "accessClassInPackage.com.sun.xml.internal.*"; 74 permission java.lang.RuntimePermission 75 "accessClassInPackage.com.sun.istack.internal"; 76 permission java.lang.RuntimePermission 77 "accessClassInPackage.com.sun.istack.internal.*"; 78 permission java.lang.RuntimePermission "accessDeclaredMembers"; 79 permission java.lang.reflect.ReflectPermission "suppressAccessChecks"; 80 permission java.util.PropertyPermission "*", "read"; 81 }; 82 83 grant codeBase "jrt:/java.xml.crypto" { 84 permission java.lang.RuntimePermission 85 "accessClassInPackage.sun.security.util"; 86 permission java.util.PropertyPermission "*", "read"; 87 permission java.security.SecurityPermission "putProviderProperty.XMLDSig"; 88 permission java.security.SecurityPermission 89 "clearProviderProperties.XMLDSig"; 90 permission java.security.SecurityPermission 91 "removeProviderProperty.XMLDSig"; 92 permission java.security.SecurityPermission 93 "com.sun.org.apache.xml.internal.security.register"; 94 permission java.security.SecurityPermission 95 "getProperty.jdk.xml.dsig.secureValidationPolicy"; 96 permission java.lang.RuntimePermission 97 "accessClassInPackage.com.sun.org.apache.xml.internal.*"; 98 permission java.lang.RuntimePermission 99 "accessClassInPackage.com.sun.org.apache.xpath.internal"; 100 permission java.lang.RuntimePermission 101 "accessClassInPackage.com.sun.org.apache.xpath.internal.*"; 102 }; 103 104 grant codeBase "jrt:/java.xml.ws" { 105 permission java.net.NetPermission 106 "getProxySelector"; 107 permission java.lang.RuntimePermission 108 "accessClassInPackage.com.sun.org.apache.xml.internal.resolver"; 109 permission java.lang.RuntimePermission 110 "accessClassInPackage.com.sun.org.apache.xml.internal.resolver.tools"; 111 permission java.lang.RuntimePermission 112 "accessClassInPackage.com.sun.xml.internal.*"; 113 permission java.lang.RuntimePermission 114 "accessClassInPackage.com.sun.istack.internal"; 115 permission java.lang.RuntimePermission 116 "accessClassInPackage.com.sun.istack.internal.*"; 117 permission java.lang.RuntimePermission 118 "accessClassInPackage.com.sun.org.apache.xerces.internal.*"; 119 permission java.lang.RuntimePermission "accessDeclaredMembers"; 120 permission java.lang.reflect.ReflectPermission "suppressAccessChecks"; 121 permission java.util.PropertyPermission "*", "read"; 122 }; 123 124 grant codeBase "jrt:/jdk.charsets" { 125 permission java.util.PropertyPermission "os.name", "read"; 126 permission java.util.PropertyPermission "sun.nio.cs.map", "read"; 127 permission java.lang.RuntimePermission "charsetProvider"; 128 permission java.lang.RuntimePermission 129 "accessClassInPackage.jdk.internal.misc"; 130 permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.cs"; 131 }; 132 133 grant codeBase "jrt:/jdk.crypto.ec" { 134 permission java.lang.RuntimePermission 135 "accessClassInPackage.sun.security.*"; 136 permission java.lang.RuntimePermission "loadLibrary.sunec"; 137 permission java.security.SecurityPermission "putProviderProperty.SunEC"; 138 permission java.security.SecurityPermission "clearProviderProperties.SunEC"; 139 permission java.security.SecurityPermission "removeProviderProperty.SunEC"; 140 }; 141 142 grant codeBase "jrt:/jdk.crypto.cryptoki" { 143 permission java.lang.RuntimePermission 144 "accessClassInPackage.sun.security.*"; 145 permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.ch"; 146 permission java.lang.RuntimePermission "loadLibrary.j2pkcs11"; 147 permission java.util.PropertyPermission "sun.security.pkcs11.allowSingleThreadedModules", "read"; 148 permission java.util.PropertyPermission "os.name", "read"; 149 permission java.util.PropertyPermission "os.arch", "read"; 150 permission java.security.SecurityPermission "putProviderProperty.*"; 151 permission java.security.SecurityPermission "clearProviderProperties.*"; 152 permission java.security.SecurityPermission "removeProviderProperty.*"; 153 permission java.security.SecurityPermission 154 "getProperty.auth.login.defaultCallbackHandler"; 155 permission java.security.SecurityPermission "authProvider.*"; 156 // Needed for reading PKCS11 config file and NSS library check 157 permission java.io.FilePermission "<<ALL FILES>>", "read"; 158 }; 159 160 grant codeBase "jrt:/jdk.dynalink" { 161 permission java.security.AllPermission; 162 }; 163 164 grant codeBase "jrt:/jdk.internal.le" { 165 permission java.security.AllPermission; 166 }; 167 168 grant codeBase "jrt:/jdk.jsobject" { 169 permission java.security.AllPermission; 170 }; 171 172 grant codeBase "jrt:/jdk.localedata" { 173 permission java.lang.RuntimePermission "accessClassInPackage.sun.text.*"; 174 permission java.lang.RuntimePermission "accessClassInPackage.sun.util.*"; 175 }; 176 177 grant codeBase "jrt:/jdk.naming.dns" { 178 permission java.security.AllPermission; 179 }; 180 181 grant codeBase "jrt:/jdk.scripting.nashorn" { 182 permission java.security.AllPermission; 183 }; 184 185 grant codeBase "jrt:/jdk.scripting.nashorn.shell" { 186 permission java.security.AllPermission; 187 }; 188 189 grant codeBase "jrt:/jdk.security.auth" { 190 permission java.security.AllPermission; 191 }; 192 193 grant codeBase "jrt:/jdk.security.jgss" { 194 permission java.security.AllPermission; 195 }; 196 197 grant codeBase "jrt:/jdk.zipfs" { 198 permission java.io.FilePermission "<<ALL FILES>>", "read,write,delete"; 199 permission java.lang.RuntimePermission "fileSystemProvider"; 200 permission java.util.PropertyPermission "os.name", "read"; 201 }; 202 203 grant codeBase "jrt:/jdk.accessibility" { 204 permission java.lang.RuntimePermission "accessClassInPackage.sun.awt"; 205 }; 206 207 grant codeBase "jrt:/jdk.desktop" { 208 permission java.lang.RuntimePermission "accessClassInPackage.com.sun.awt"; 209 }; 210 211 // permissions needed by applications using java.desktop module 212 grant { 213 permission java.lang.RuntimePermission "accessClassInPackage.com.sun.beans"; 214 permission java.lang.RuntimePermission "accessClassInPackage.com.sun.beans.*"; 215 permission java.lang.RuntimePermission "accessClassInPackage.com.sun.java.swing.plaf.*"; 216 permission java.lang.RuntimePermission "accessClassInPackage.com.apple.*"; 217 }; 218 219 grant codeBase "jrt:/jdk.vm.compiler" { 220 permission java.security.AllPermission; 221 };