1 // permissions required by each component
2 grant codeBase "file:${java.home}/lib/ext/zipfs.jar" {
3 permission java.io.FilePermission "<<ALL FILES>>", "read,write,delete";
4 permission java.lang.RuntimePermission "fileSystemProvider";
5 permission java.util.PropertyPermission "*", "read";
6 };
7
8 grant codeBase "file:${java.home}/lib/ext/cldrdata.jar" {
9 permission java.lang.RuntimePermission "accessClassInPackage.sun.text.*";
10 permission java.lang.RuntimePermission "accessClassInPackage.sun.util.*";
11 permission java.util.PropertyPermission "*", "read";
12 };
13
14 grant codeBase "file:${java.home}/lib/ext/localedata.jar" {
15 permission java.lang.RuntimePermission "accessClassInPackage.sun.text.*";
16 permission java.lang.RuntimePermission "accessClassInPackage.sun.util.*";
17 permission java.util.PropertyPermission "*", "read";
18 };
19
20 grant codeBase "file:${java.home}/lib/ext/dnsns.jar" {
21 permission java.security.AllPermission;
22 };
23
24 grant codeBase "file:${java.home}/lib/ext/nashorn.jar" {
25 permission java.security.AllPermission;
26 };
27
28 grant codeBase "file:${java.home}/lib/ext/sunec.jar" {
29 permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*";
30 permission java.lang.RuntimePermission "loadLibrary.sunec";
31 permission java.util.PropertyPermission "*", "read";
32 permission java.security.SecurityPermission "putProviderProperty.SunEC";
33 permission java.security.SecurityPermission "clearProviderProperties.SunEC";
34 permission java.security.SecurityPermission "removeProviderProperty.SunEC";
35 };
36
37 grant codeBase "file:${java.home}/lib/ext/sunjce_provider.jar" {
38 permission java.lang.RuntimePermission "accessClassInPackage.sun.misc";
39 permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*";
40 permission java.util.PropertyPermission "*", "read";
41 permission java.security.SecurityPermission "putProviderProperty.SunJCE";
42 permission java.security.SecurityPermission "clearProviderProperties.SunJCE";
43 permission java.security.SecurityPermission "removeProviderProperty.SunJCE";
44 };
45
46 grant codeBase "file:${java.home}/lib/ext/sunpkcs11.jar" {
47 permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*";
48 permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.ch";
49 permission java.lang.RuntimePermission "loadLibrary.j2pkcs11";
50 permission java.util.PropertyPermission "*", "read";
51 permission java.security.SecurityPermission "putProviderProperty.*";
52 permission java.security.SecurityPermission "clearProviderProperties.*";
53 permission java.security.SecurityPermission "removeProviderProperty.*";
54 permission java.security.SecurityPermission "authProvider.*";
55 // Needed for reading PKCS11 config file and NSS library check
56 permission java.io.FilePermission "<<ALL FILES>>", "read";
57 };
58
59 // default permissions granted to all domains
60
61 grant {
62 // Allows any thread to stop itself using the java.lang.Thread.stop()
63 // method that takes no argument.
64 // Note that this permission is granted by default only to remain
65 // backwards compatible.
66 // It is strongly recommended that you either remove this permission
67 // from this policy file or further restrict it to code sources
68 // that you specify, because Thread.stop() is potentially unsafe.
69 // See the API specification of java.lang.Thread.stop() for more
70 // information.
71 permission java.lang.RuntimePermission "stopThread";
72
73 // allows anyone to listen on dynamic ports
74 permission java.net.SocketPermission "localhost:0", "listen";
75
76 // "standard" properies that can be read by anyone
77
78 permission java.util.PropertyPermission "java.version", "read";
79 permission java.util.PropertyPermission "java.vendor", "read";
80 permission java.util.PropertyPermission "java.vendor.url", "read";
81 permission java.util.PropertyPermission "java.class.version", "read";
82 permission java.util.PropertyPermission "os.name", "read";
83 permission java.util.PropertyPermission "os.version", "read";
84 permission java.util.PropertyPermission "os.arch", "read";
85 permission java.util.PropertyPermission "file.separator", "read";
86 permission java.util.PropertyPermission "path.separator", "read";
87 permission java.util.PropertyPermission "line.separator", "read";
88
89 permission java.util.PropertyPermission "java.specification.version", "read";
90 permission java.util.PropertyPermission "java.specification.vendor", "read";
91 permission java.util.PropertyPermission "java.specification.name", "read";
92
93 permission java.util.PropertyPermission "java.vm.specification.version", "read";
94 permission java.util.PropertyPermission "java.vm.specification.vendor", "read";
95 permission java.util.PropertyPermission "java.vm.specification.name", "read";
96 permission java.util.PropertyPermission "java.vm.version", "read";
97 permission java.util.PropertyPermission "java.vm.vendor", "read";
98 permission java.util.PropertyPermission "java.vm.name", "read";
99 };
100