New test/jdk/sun/security/provider/PolicyFile/modules.policy

   1 grant {
   2     // java.base module
   3     permission java.io.SerializablePermission "enableSubstitution";
   4     permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
   5     permission java.nio.file.LinkPermission "hard";
   6     permission javax.net.ssl.SSLPermission "getSSLSessionContext";
   7     permission javax.security.auth.AuthPermission "doAsPrivileged";
   8     permission javax.security.auth.PrivateCredentialPermission "* * \"*\"",
   9                                                                "read";
  10     // java.base module (@jdk.Exported Permissions)
  11     permission jdk.net.NetworkPermission "setOption.SO_FLOW_SLA";
  12     // java.desktop module
  13     permission java.awt.AWTPermission "createRobot";
  14     permission javax.sound.sampled.AudioPermission "play";
  15     // java.logging module
  16     permission java.util.logging.LoggingPermission "control", "";
  17     // java.management module
  18     permission java.lang.management.ManagementPermission "control";
  19     permission javax.management.MBeanPermission "*", "getAttribute";
  20     permission javax.management.MBeanServerPermission "createMBeanServer";
  21     permission javax.management.MBeanTrustPermission "register";
  22     permission javax.management.remote.SubjectDelegationPermission "*";
  23     // java.security.jgss module
  24     permission javax.security.auth.kerberos.DelegationPermission "\"*\" \"*\"";
  25     permission javax.security.auth.kerberos.ServicePermission "*", "accept";
  26     // java.sql module
  27     permission java.sql.SQLPermission "setLog";
  28     // java.smartcardio module
  29     permission javax.smartcardio.CardPermission "*", "*";
  30     // jdk.attach module (@jdk.Exported Permissions)
  31     permission com.sun.tools.attach.AttachPermission "attachVirtualMachine";
  32     // jdk.jdi module (@jdk.Exported Permissions)
  33     permission com.sun.jdi.JDIPermission "virtualMachineManager";
  34     // jdk.security.jgss module (@jdk.Exported Permissions)
  35     permission com.sun.security.jgss.InquireSecContextPermission "*"; 
  36 };
  37 
  38 grant
  39     // java.base module
  40     principal javax.security.auth.x500.X500Principal "CN=Duke",
  41     // java.management module
  42     principal javax.management.remote.JMXPrincipal "Duke",
  43     // java.security.jgss module
  44     principal javax.security.auth.kerberos.KerberosPrincipal "duke@openjdk.org",
  45     // jdk.security.auth module (@jdk.Exported Principals)
  46     principal com.sun.security.auth.UserPrincipal "Duke",
  47     principal com.sun.security.auth.NTDomainPrincipal "openjdk.org",
  48     principal com.sun.security.auth.NTSid
  49         "S-1-5-21-3623811015-3361044348-30300820-1013",
  50     principal com.sun.security.auth.NTUserPrincipal "Duke",
  51     principal com.sun.security.auth.UnixNumericUserPrincipal "0",
  52     principal com.sun.security.auth.UnixPrincipal "duke" {
  53     permission java.util.PropertyPermission "user.home", "read";
  54 };
  55 
  56 grant
  57     // java.security.jgss module
  58     principal javax.security.auth.kerberos.KerberosPrincipal "duke@openjdk.org"
  59 {
  60     // test that ${{self}} expansion works 
  61     permission javax.security.auth.kerberos.ServicePermission "${{self}}",
  62                                                               "accept";
  63 };