Old src/java.base/share/conf/security/java.policy

   1 // permissions required by each component
   2 grant codeBase "jrt:/java.corba" {
   3         permission java.security.AllPermission;
   4 };
   5 
   6 grant codeBase "jrt:/jdk.zipfs" {
   7         permission java.io.FilePermission "<<ALL FILES>>", "read,write,delete";
   8         permission java.lang.RuntimePermission "fileSystemProvider";
   9         permission java.util.PropertyPermission "*", "read";
  10 };
  11 
  12 grant codeBase "jrt:/jdk.localedata" {
  13         permission java.lang.RuntimePermission "accessClassInPackage.sun.text.*";
  14         permission java.lang.RuntimePermission "accessClassInPackage.sun.util.*";
  15         permission java.util.PropertyPermission "*", "read";
  16 };
  17 
  18 grant codeBase "jrt:/jdk.naming.dns" {
  19         permission java.security.AllPermission;
  20 };
  21 
  22 grant codeBase "jrt:/jdk.scripting.nashorn" {
  23         permission java.security.AllPermission;
  24 };
  25 
  26 grant codeBase "jrt:/jdk.scripting.nashorn.shell" {
  27         permission java.security.AllPermission;
  28 };
  29 
  30 grant codeBase "jrt:/jdk.internal.le" {
  31         permission java.security.AllPermission;
  32 };
  33 
  34 grant codeBase "jrt:/jdk.crypto.ucrypto" {
  35         permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*";
  36         permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.ch";
  37         permission java.lang.RuntimePermission "loadLibrary.j2ucrypto";
  38         // need "com.oracle.security.ucrypto.debug" for debugging
  39         permission java.util.PropertyPermission "*", "read";
  40         permission java.security.SecurityPermission "putProviderProperty.OracleUcrypto";
  41         permission java.security.SecurityPermission "clearProviderProperties.OracleUcrypto";
  42         permission java.security.SecurityPermission "removeProviderProperty.OracleUcrypto";
  43         permission java.io.FilePermission "${java.home}/conf/security/ucrypto-solaris.cfg", "read";
  44 };
  45 
  46 grant codeBase "jrt:/jdk.crypto.ec" {
  47         permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*";
  48         permission java.lang.RuntimePermission "loadLibrary.sunec";
  49         permission java.util.PropertyPermission "*", "read";
  50         permission java.security.SecurityPermission "putProviderProperty.SunEC";
  51         permission java.security.SecurityPermission "clearProviderProperties.SunEC";
  52         permission java.security.SecurityPermission "removeProviderProperty.SunEC";
  53 };
  54 
  55 grant codeBase "jrt:/jdk.crypto.pkcs11" {
  56         permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*";
  57         permission java.lang.RuntimePermission "accessClassInPackage.sun.misc";
  58         permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.ch";
  59         permission java.lang.RuntimePermission "loadLibrary.j2pkcs11";
  60         // needs "security.pkcs11.allowSingleThreadedModules"
  61         permission java.util.PropertyPermission "*", "read";
  62         permission java.security.SecurityPermission "putProviderProperty.*";
  63         permission java.security.SecurityPermission "clearProviderProperties.*";
  64         permission java.security.SecurityPermission "removeProviderProperty.*";
  65         permission java.security.SecurityPermission "getProperty.auth.login.defaultCallbackHandler";
  66         permission java.security.SecurityPermission "authProvider.*";
  67         // Needed for reading PKCS11 config file and NSS library check
  68         permission java.io.FilePermission "<<ALL FILES>>", "read";
  69 };
  70 
  71 grant codeBase "jrt:/java.xml.ws" {
  72         permission java.lang.RuntimePermission "accessClassInPackage.com.sun.xml.internal.*";
  73         permission java.lang.RuntimePermission "accessClassInPackage.com.sun.istack.internal";
  74         permission java.lang.RuntimePermission "accessClassInPackage.com.sun.istack.internal.*";
  75         permission java.lang.RuntimePermission "accessClassInPackage.com.sun.org.apache.xerces.internal.*";
  76         permission java.lang.RuntimePermission "accessDeclaredMembers";
  77         permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
  78         permission java.util.PropertyPermission "*", "read";
  79 };
  80 
  81 grant codeBase "jrt:/java.xml.bind" {
  82         permission java.lang.RuntimePermission "accessClassInPackage.com.sun.xml.internal.*";
  83         permission java.lang.RuntimePermission "accessClassInPackage.com.sun.istack.internal";
  84         permission java.lang.RuntimePermission "accessClassInPackage.com.sun.istack.internal.*";
  85         permission java.lang.RuntimePermission "accessDeclaredMembers";
  86         permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
  87         permission java.util.PropertyPermission "*", "read";
  88 };
  89 
  90 grant codeBase "jrt:/java.activation" {
  91         permission java.security.AllPermission;
  92 };
  93 
  94 // default permissions granted to all domains
  95 
  96 grant {
  97         // Allows any thread to stop itself using the java.lang.Thread.stop()
  98         // method that takes no argument.
  99         // Note that this permission is granted by default only to remain
 100         // backwards compatible.
 101         // It is strongly recommended that you either remove this permission
 102         // from this policy file or further restrict it to code sources
 103         // that you specify, because Thread.stop() is potentially unsafe.
 104         // See the API specification of java.lang.Thread.stop() for more
 105         // information.
 106         permission java.lang.RuntimePermission "stopThread";
 107 
 108         // allows anyone to listen on dynamic ports
 109         permission java.net.SocketPermission "localhost:0", "listen";
 110 
 111         // "standard" properies that can be read by anyone
 112 
 113         permission java.util.PropertyPermission "java.version", "read";
 114         permission java.util.PropertyPermission "java.vendor", "read";
 115         permission java.util.PropertyPermission "java.vendor.url", "read";
 116         permission java.util.PropertyPermission "java.class.version", "read";
 117         permission java.util.PropertyPermission "os.name", "read";
 118         permission java.util.PropertyPermission "os.version", "read";
 119         permission java.util.PropertyPermission "os.arch", "read";
 120         permission java.util.PropertyPermission "file.separator", "read";
 121         permission java.util.PropertyPermission "path.separator", "read";
 122         permission java.util.PropertyPermission "line.separator", "read";
 123 
 124         permission java.util.PropertyPermission "java.specification.version", "read";
 125         permission java.util.PropertyPermission "java.specification.vendor", "read";
 126         permission java.util.PropertyPermission "java.specification.name", "read";
 127 
 128         permission java.util.PropertyPermission "java.vm.specification.version", "read";
 129         permission java.util.PropertyPermission "java.vm.specification.vendor", "read";
 130         permission java.util.PropertyPermission "java.vm.specification.name", "read";
 131         permission java.util.PropertyPermission "java.vm.version", "read";
 132         permission java.util.PropertyPermission "java.vm.vendor", "read";
 133         permission java.util.PropertyPermission "java.vm.name", "read";
 134 };
 135