1 // 2 // Permissions required by modules stored in a run-time image and loaded 3 // by the platform class loader. 4 // 5 // NOTE that this file is not intended to be modified. If additional 6 // permissions need to be granted to the modules in this file, it is 7 // recommended that they be configured in a separate policy file or 8 // ${java.home}/conf/security/java.policy. 9 // 10 11 grant codeBase "jrt:/java.activation" { 12 permission java.security.AllPermission; 13 }; 14 15 grant codeBase "jrt:/java.compiler" { 16 permission java.security.AllPermission; 17 }; 18 19 grant codeBase "jrt:/java.corba" { 20 permission java.security.AllPermission; 21 }; 22 23 grant codeBase "jrt:/java.scripting" { 24 permission java.security.AllPermission; 25 }; 26 27 grant codeBase "jrt:/java.security.jgss" { 28 permission java.security.AllPermission; 29 }; 30 31 grant codeBase "jrt:/java.smartcardio" { 32 permission javax.smartcardio.CardPermission "*", "*"; 33 permission java.lang.RuntimePermission "loadLibrary.j2pcsc"; 34 permission java.lang.RuntimePermission 35 "accessClassInPackage.sun.security.*"; 36 permission java.util.PropertyPermission "*", "read"; 37 // needed for looking up native PC/SC library 38 permission java.io.FilePermission "<<ALL FILES>>","read"; 39 permission java.security.SecurityPermission "putProviderProperty.SunPCSC"; 40 permission java.security.SecurityPermission 41 "clearProviderProperties.SunPCSC"; 42 permission java.security.SecurityPermission 43 "removeProviderProperty.SunPCSC"; 44 }; 45 46 grant codeBase "jrt:/java.sql" { 47 permission java.security.AllPermission; 48 }; 49 50 grant codeBase "jrt:/java.sql.rowset" { 51 permission java.security.AllPermission; 52 }; 53 54 grant codeBase "jrt:/java.xml.bind" { 55 permission java.lang.RuntimePermission 56 "accessClassInPackage.com.sun.xml.internal.*"; 57 permission java.lang.RuntimePermission 58 "accessClassInPackage.com.sun.istack.internal"; 59 permission java.lang.RuntimePermission 60 "accessClassInPackage.com.sun.istack.internal.*"; 61 permission java.lang.RuntimePermission "accessDeclaredMembers"; 62 permission java.lang.reflect.ReflectPermission "suppressAccessChecks"; 63 permission java.util.PropertyPermission "*", "read"; 64 }; 65 66 grant codeBase "jrt:/java.xml.crypto" { 67 permission java.util.PropertyPermission "*", "read"; 68 permission java.security.SecurityPermission "putProviderProperty.XMLDSig"; 69 permission java.security.SecurityPermission 70 "clearProviderProperties.XMLDSig"; 71 permission java.security.SecurityPermission 72 "removeProviderProperty.XMLDSig"; 73 permission java.security.SecurityPermission 74 "com.sun.org.apache.xml.internal.security.register"; 75 permission java.security.SecurityPermission 76 "getProperty.jdk.xml.dsig.secureValidationPolicy"; 77 }; 78 79 grant codeBase "jrt:/java.xml.ws" { 80 permission java.lang.RuntimePermission 81 "accessClassInPackage.com.sun.xml.internal.*"; 82 permission java.lang.RuntimePermission 83 "accessClassInPackage.com.sun.istack.internal"; 84 permission java.lang.RuntimePermission 85 "accessClassInPackage.com.sun.istack.internal.*"; 86 permission java.lang.RuntimePermission 87 "accessClassInPackage.com.sun.org.apache.xerces.internal.*"; 88 permission java.lang.RuntimePermission "accessDeclaredMembers"; 89 permission java.lang.reflect.ReflectPermission "suppressAccessChecks"; 90 permission java.util.PropertyPermission "*", "read"; 91 }; 92 93 grant codeBase "jrt:/jdk.charsets" { 94 permission java.io.FilePermission "${java.home}/-", "read"; 95 permission java.util.PropertyPermission "os.name", "read"; 96 permission java.util.PropertyPermission "sun.nio.cs.map", "read"; 97 permission java.lang.RuntimePermission "charsetProvider"; 98 permission java.lang.RuntimePermission 99 "accessClassInPackage.jdk.internal.misc"; 100 permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.cs"; 101 }; 102 103 grant codeBase "jrt:/jdk.crypto.ec" { 104 permission java.lang.RuntimePermission 105 "accessClassInPackage.sun.security.*"; 106 permission java.lang.RuntimePermission "loadLibrary.sunec"; 107 permission java.security.SecurityPermission "putProviderProperty.SunEC"; 108 permission java.security.SecurityPermission "clearProviderProperties.SunEC"; 109 permission java.security.SecurityPermission "removeProviderProperty.SunEC"; 110 }; 111 112 grant codeBase "jrt:/jdk.crypto.pkcs11" { 113 permission java.lang.RuntimePermission 114 "accessClassInPackage.sun.security.*"; 115 permission java.lang.RuntimePermission "accessClassInPackage.sun.misc"; 116 permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.ch"; 117 permission java.lang.RuntimePermission "loadLibrary.j2pkcs11"; 118 // needs "security.pkcs11.allowSingleThreadedModules" 119 permission java.util.PropertyPermission "*", "read"; 120 permission java.security.SecurityPermission "putProviderProperty.*"; 121 permission java.security.SecurityPermission "clearProviderProperties.*"; 122 permission java.security.SecurityPermission "removeProviderProperty.*"; 123 permission java.security.SecurityPermission 124 "getProperty.auth.login.defaultCallbackHandler"; 125 permission java.security.SecurityPermission "authProvider.*"; 126 // Needed for reading PKCS11 config file and NSS library check 127 permission java.io.FilePermission "<<ALL FILES>>", "read"; 128 }; 129 130 grant codeBase "jrt:/jdk.dynalink" { 131 permission java.security.AllPermission; 132 }; 133 134 grant codeBase "jrt:/jdk.internal.le" { 135 permission java.security.AllPermission; 136 }; 137 138 grant codeBase "jrt:/jdk.jsobject" { 139 permission java.security.AllPermission; 140 }; 141 142 grant codeBase "jrt:/jdk.localedata" { 143 permission java.lang.RuntimePermission "accessClassInPackage.sun.text.*"; 144 permission java.lang.RuntimePermission "accessClassInPackage.sun.util.*"; 145 permission java.util.PropertyPermission "*", "read"; 146 }; 147 148 grant codeBase "jrt:/jdk.naming.dns" { 149 permission java.security.AllPermission; 150 }; 151 152 grant codeBase "jrt:/jdk.scripting.nashorn" { 153 permission java.security.AllPermission; 154 }; 155 156 grant codeBase "jrt:/jdk.scripting.nashorn.shell" { 157 permission java.security.AllPermission; 158 }; 159 160 grant codeBase "jrt:/jdk.security.auth" { 161 permission java.security.AllPermission; 162 }; 163 164 grant codeBase "jrt:/jdk.security.jgss" { 165 permission java.security.AllPermission; 166 }; 167 168 grant codeBase "jrt:/jdk.zipfs" { 169 permission java.io.FilePermission "<<ALL FILES>>", "read,write,delete"; 170 permission java.lang.RuntimePermission "fileSystemProvider"; 171 permission java.util.PropertyPermission "*", "read"; 172 }; 173