1 // permissions required by each component 2 grant codeBase "jrt:/java.corba" { 3 permission java.security.AllPermission; 4 }; 5 6 grant codeBase "jrt:/jdk.zipfs" { 7 permission java.io.FilePermission "<<ALL FILES>>", "read,write,delete"; 8 permission java.lang.RuntimePermission "fileSystemProvider"; 9 permission java.util.PropertyPermission "*", "read"; 10 }; 11 12 grant codeBase "jrt:/jdk.localedata" { 13 permission java.lang.RuntimePermission "accessClassInPackage.sun.text.*"; 14 permission java.lang.RuntimePermission "accessClassInPackage.sun.util.*"; 15 permission java.util.PropertyPermission "*", "read"; 16 }; 17 18 grant codeBase "jrt:/jdk.naming.dns" { 19 permission java.security.AllPermission; 20 }; 21 22 grant codeBase "jrt:/jdk.dynalink" { 23 permission java.security.AllPermission; 24 }; 25 26 grant codeBase "jrt:/jdk.scripting.nashorn" { 27 permission java.security.AllPermission; 28 }; 29 30 grant codeBase "jrt:/jdk.scripting.nashorn.shell" { 31 permission java.security.AllPermission; 32 }; 33 34 grant codeBase "jrt:/jdk.internal.le" { 35 permission java.security.AllPermission; 36 }; 37 38 grant codeBase "jrt:/jdk.crypto.ucrypto" { 39 permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*"; 40 permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.ch"; 41 permission java.lang.RuntimePermission "loadLibrary.j2ucrypto"; 42 // need "com.oracle.security.ucrypto.debug" for debugging 43 permission java.util.PropertyPermission "*", "read"; 44 permission java.security.SecurityPermission "putProviderProperty.OracleUcrypto"; 45 permission java.security.SecurityPermission "clearProviderProperties.OracleUcrypto"; 46 permission java.security.SecurityPermission "removeProviderProperty.OracleUcrypto"; 47 permission java.io.FilePermission "${java.home}/conf/security/ucrypto-solaris.cfg", "read"; 48 }; 49 50 grant codeBase "jrt:/jdk.crypto.ec" { 51 permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*"; 52 permission java.lang.RuntimePermission "loadLibrary.sunec"; 53 permission java.util.PropertyPermission "*", "read"; 54 permission java.security.SecurityPermission "putProviderProperty.SunEC"; 55 permission java.security.SecurityPermission "clearProviderProperties.SunEC"; 56 permission java.security.SecurityPermission "removeProviderProperty.SunEC"; 57 }; 58 59 grant codeBase "jrt:/jdk.crypto.pkcs11" { 60 permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*"; 61 permission java.lang.RuntimePermission "accessClassInPackage.sun.misc"; 62 permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.ch"; 63 permission java.lang.RuntimePermission "loadLibrary.j2pkcs11"; 64 // needs "security.pkcs11.allowSingleThreadedModules" 65 permission java.util.PropertyPermission "*", "read"; 66 permission java.security.SecurityPermission "putProviderProperty.*"; 67 permission java.security.SecurityPermission "clearProviderProperties.*"; 68 permission java.security.SecurityPermission "removeProviderProperty.*"; 69 permission java.security.SecurityPermission "getProperty.auth.login.defaultCallbackHandler"; 70 permission java.security.SecurityPermission "authProvider.*"; 71 // Needed for reading PKCS11 config file and NSS library check 72 permission java.io.FilePermission "<<ALL FILES>>", "read"; 73 }; 74 75 grant codeBase "jrt:/java.xml.ws" { 76 permission java.lang.RuntimePermission "accessClassInPackage.com.sun.xml.internal.*"; 77 permission java.lang.RuntimePermission "accessClassInPackage.com.sun.istack.internal"; 78 permission java.lang.RuntimePermission "accessClassInPackage.com.sun.istack.internal.*"; 79 permission java.lang.RuntimePermission "accessClassInPackage.com.sun.org.apache.xerces.internal.*"; 80 permission java.lang.RuntimePermission "accessDeclaredMembers"; 81 permission java.lang.reflect.ReflectPermission "suppressAccessChecks"; 82 permission java.util.PropertyPermission "*", "read"; 83 }; 84 85 grant codeBase "jrt:/java.xml.bind" { 86 permission java.lang.RuntimePermission "accessClassInPackage.com.sun.xml.internal.*"; 87 permission java.lang.RuntimePermission "accessClassInPackage.com.sun.istack.internal"; 88 permission java.lang.RuntimePermission "accessClassInPackage.com.sun.istack.internal.*"; 89 permission java.lang.RuntimePermission "accessDeclaredMembers"; 90 permission java.lang.reflect.ReflectPermission "suppressAccessChecks"; 91 permission java.util.PropertyPermission "*", "read"; 92 }; 93 94 grant codeBase "jrt:/java.activation" { 95 permission java.security.AllPermission; 96 }; 97 98 // default permissions granted to all domains 99 100 grant { 101 // Allows any thread to stop itself using the java.lang.Thread.stop() 102 // method that takes no argument. 103 // Note that this permission is granted by default only to remain 104 // backwards compatible. 105 // It is strongly recommended that you either remove this permission 106 // from this policy file or further restrict it to code sources 107 // that you specify, because Thread.stop() is potentially unsafe. 108 // See the API specification of java.lang.Thread.stop() for more 109 // information. 110 permission java.lang.RuntimePermission "stopThread"; 111 112 // allows anyone to listen on dynamic ports 113 permission java.net.SocketPermission "localhost:0", "listen"; 114 115 // "standard" properies that can be read by anyone 116 117 permission java.util.PropertyPermission "java.version", "read"; 118 permission java.util.PropertyPermission "java.vendor", "read"; 119 permission java.util.PropertyPermission "java.vendor.url", "read"; 120 permission java.util.PropertyPermission "java.class.version", "read"; 121 permission java.util.PropertyPermission "os.name", "read"; 122 permission java.util.PropertyPermission "os.version", "read"; 123 permission java.util.PropertyPermission "os.arch", "read"; 124 permission java.util.PropertyPermission "file.separator", "read"; 125 permission java.util.PropertyPermission "path.separator", "read"; 126 permission java.util.PropertyPermission "line.separator", "read"; 127 128 permission java.util.PropertyPermission "java.specification.version", "read"; 129 permission java.util.PropertyPermission "java.specification.vendor", "read"; 130 permission java.util.PropertyPermission "java.specification.name", "read"; 131 132 permission java.util.PropertyPermission "java.vm.specification.version", "read"; 133 permission java.util.PropertyPermission "java.vm.specification.vendor", "read"; 134 permission java.util.PropertyPermission "java.vm.specification.name", "read"; 135 permission java.util.PropertyPermission "java.vm.version", "read"; 136 permission java.util.PropertyPermission "java.vm.vendor", "read"; 137 permission java.util.PropertyPermission "java.vm.name", "read"; 138 }; 139