1 //
2 // Permissions required by modules stored in a run-time image and loaded
3 // by the platform class loader.
4 //
5 // NOTE that this file is not intended to be modified. If additional
6 // permissions need to be granted to the modules in this file, it is
7 // recommended that they be configured in a separate policy file or
8 // ${java.home}/conf/security/java.policy.
9 //
10
11 grant codeBase "jrt:/java.activation" {
12 permission java.security.AllPermission;
13 };
14
15 grant codeBase "jrt:/java.compiler" {
16 permission java.security.AllPermission;
17 };
18
19 grant codeBase "jrt:/java.corba" {
20 permission java.security.AllPermission;
21 };
22
23 grant codeBase "jrt:/jdk.incubator.httpclient" {
24 };
25
26 grant codeBase "jrt:/java.scripting" {
27 permission java.security.AllPermission;
28 };
29
30 grant codeBase "jrt:/java.security.jgss" {
31 permission java.security.AllPermission;
32 };
33
34 grant codeBase "jrt:/java.smartcardio" {
35 permission javax.smartcardio.CardPermission "*", "*";
36 permission java.lang.RuntimePermission "loadLibrary.j2pcsc";
37 permission java.lang.RuntimePermission
38 "accessClassInPackage.sun.security.jca";
39 permission java.lang.RuntimePermission
40 "accessClassInPackage.sun.security.util";
41 permission java.util.PropertyPermission
42 "javax.smartcardio.TerminalFactory.DefaultType", "read";
43 permission java.util.PropertyPermission "os.name", "read";
44 permission java.util.PropertyPermission "os.arch", "read";
45 permission java.util.PropertyPermission "sun.arch.data.model", "read";
46 permission java.util.PropertyPermission
47 "sun.security.smartcardio.library", "read";
48 permission java.util.PropertyPermission
49 "sun.security.smartcardio.t0GetResponse", "read";
50 permission java.util.PropertyPermission
51 "sun.security.smartcardio.t1GetResponse", "read";
52 permission java.util.PropertyPermission
53 "sun.security.smartcardio.t1StripLe", "read";
54 // needed for looking up native PC/SC library
55 permission java.io.FilePermission "<<ALL FILES>>","read";
56 permission java.security.SecurityPermission "putProviderProperty.SunPCSC";
57 permission java.security.SecurityPermission
58 "clearProviderProperties.SunPCSC";
59 permission java.security.SecurityPermission
60 "removeProviderProperty.SunPCSC";
61 };
62
63 grant codeBase "jrt:/java.sql" {
64 permission java.security.AllPermission;
65 };
66
67 grant codeBase "jrt:/java.sql.rowset" {
68 permission java.security.AllPermission;
69 };
70
71 grant codeBase "jrt:/java.xml.bind" {
72 permission java.lang.RuntimePermission
73 "accessClassInPackage.com.sun.xml.internal.*";
74 permission java.lang.RuntimePermission
75 "accessClassInPackage.com.sun.istack.internal";
76 permission java.lang.RuntimePermission
77 "accessClassInPackage.com.sun.istack.internal.*";
78 permission java.lang.RuntimePermission "accessDeclaredMembers";
79 permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
80 permission java.util.PropertyPermission "*", "read";
81 };
82
83 grant codeBase "jrt:/java.xml.crypto" {
84 permission java.lang.RuntimePermission
85 "accessClassInPackage.sun.security.util";
86 permission java.util.PropertyPermission "*", "read";
87 permission java.security.SecurityPermission "putProviderProperty.XMLDSig";
88 permission java.security.SecurityPermission
89 "clearProviderProperties.XMLDSig";
90 permission java.security.SecurityPermission
91 "removeProviderProperty.XMLDSig";
92 permission java.security.SecurityPermission
93 "com.sun.org.apache.xml.internal.security.register";
94 permission java.security.SecurityPermission
95 "getProperty.jdk.xml.dsig.secureValidationPolicy";
96 permission java.lang.RuntimePermission
97 "accessClassInPackage.com.sun.org.apache.xml.internal.*";
98 permission java.lang.RuntimePermission
99 "accessClassInPackage.com.sun.org.apache.xpath.internal";
100 permission java.lang.RuntimePermission
101 "accessClassInPackage.com.sun.org.apache.xpath.internal.*";
102 };
103
104 grant codeBase "jrt:/java.xml.ws" {
105 permission java.net.NetPermission
106 "getProxySelector";
107 permission java.lang.RuntimePermission
108 "accessClassInPackage.com.sun.org.apache.xml.internal.resolver";
109 permission java.lang.RuntimePermission
110 "accessClassInPackage.com.sun.org.apache.xml.internal.resolver.tools";
111 permission java.lang.RuntimePermission
112 "accessClassInPackage.com.sun.xml.internal.*";
113 permission java.lang.RuntimePermission
114 "accessClassInPackage.com.sun.istack.internal";
115 permission java.lang.RuntimePermission
116 "accessClassInPackage.com.sun.istack.internal.*";
117 permission java.lang.RuntimePermission
118 "accessClassInPackage.com.sun.org.apache.xerces.internal.*";
119 permission java.lang.RuntimePermission "accessDeclaredMembers";
120 permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
121 permission java.util.PropertyPermission "*", "read";
122 };
123
124 grant codeBase "jrt:/jdk.charsets" {
125 permission java.util.PropertyPermission "os.name", "read";
126 permission java.util.PropertyPermission "sun.nio.cs.map", "read";
127 permission java.lang.RuntimePermission "charsetProvider";
128 permission java.lang.RuntimePermission
129 "accessClassInPackage.jdk.internal.misc";
130 permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.cs";
131 };
132
133 grant codeBase "jrt:/jdk.crypto.ec" {
134 permission java.lang.RuntimePermission
135 "accessClassInPackage.sun.security.*";
136 permission java.lang.RuntimePermission "loadLibrary.sunec";
137 permission java.security.SecurityPermission "putProviderProperty.SunEC";
138 permission java.security.SecurityPermission "clearProviderProperties.SunEC";
139 permission java.security.SecurityPermission "removeProviderProperty.SunEC";
140 };
141
142 grant codeBase "jrt:/jdk.crypto.cryptoki" {
143 permission java.lang.RuntimePermission
144 "accessClassInPackage.sun.security.*";
145 permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.ch";
146 permission java.lang.RuntimePermission "loadLibrary.j2pkcs11";
147 permission java.util.PropertyPermission "sun.security.pkcs11.allowSingleThreadedModules", "read";
148 permission java.util.PropertyPermission "os.name", "read";
149 permission java.util.PropertyPermission "os.arch", "read";
150 permission java.security.SecurityPermission "putProviderProperty.*";
151 permission java.security.SecurityPermission "clearProviderProperties.*";
152 permission java.security.SecurityPermission "removeProviderProperty.*";
153 permission java.security.SecurityPermission
154 "getProperty.auth.login.defaultCallbackHandler";
155 permission java.security.SecurityPermission "authProvider.*";
156 // Needed for reading PKCS11 config file and NSS library check
157 permission java.io.FilePermission "<<ALL FILES>>", "read";
158 };
159
160 grant codeBase "jrt:/jdk.dynalink" {
161 permission java.security.AllPermission;
162 };
163
164 grant codeBase "jrt:/jdk.internal.le" {
165 permission java.security.AllPermission;
166 };
167
168 grant codeBase "jrt:/jdk.jsobject" {
169 permission java.security.AllPermission;
170 };
171
172 grant codeBase "jrt:/jdk.localedata" {
173 permission java.lang.RuntimePermission "accessClassInPackage.sun.text.*";
174 permission java.lang.RuntimePermission "accessClassInPackage.sun.util.*";
175 };
176
177 grant codeBase "jrt:/jdk.naming.dns" {
178 permission java.security.AllPermission;
179 };
180
181 grant codeBase "jrt:/jdk.scripting.nashorn" {
182 permission java.security.AllPermission;
183 };
184
185 grant codeBase "jrt:/jdk.scripting.nashorn.shell" {
186 permission java.security.AllPermission;
187 };
188
189 grant codeBase "jrt:/jdk.security.auth" {
190 permission java.security.AllPermission;
191 };
192
193 grant codeBase "jrt:/jdk.security.jgss" {
194 permission java.security.AllPermission;
195 };
196
197 grant codeBase "jrt:/jdk.zipfs" {
198 permission java.io.FilePermission "<<ALL FILES>>", "read,write,delete";
199 permission java.lang.RuntimePermission "fileSystemProvider";
200 permission java.util.PropertyPermission "os.name", "read";
201 };
202
203 grant codeBase "jrt:/jdk.accessibility" {
204 permission java.lang.RuntimePermission "accessClassInPackage.sun.awt";
205 };
206
207 grant codeBase "jrt:/jdk.desktop" {
208 permission java.lang.RuntimePermission "accessClassInPackage.com.sun.awt";
209 };
210
211 // permissions needed by applications using java.desktop module
212 grant {
213 permission java.lang.RuntimePermission "accessClassInPackage.com.sun.beans";
214 permission java.lang.RuntimePermission "accessClassInPackage.com.sun.beans.*";
215 permission java.lang.RuntimePermission "accessClassInPackage.com.sun.java.swing.plaf.*";
216 permission java.lang.RuntimePermission "accessClassInPackage.com.apple.*";
217 };
218
219 grant codeBase "jrt:/jdk.vm.compiler" {
220 permission java.security.AllPermission;
221 };