1 // permissions required by each component 2 grant codeBase "file:${java.home}/lib/ext/zipfs.jar" { 3 permission java.io.FilePermission "<<ALL FILES>>", "read,write,delete"; 4 permission java.lang.RuntimePermission "fileSystemProvider"; 5 permission java.util.PropertyPermission "*", "read"; 6 }; 7 8 grant codeBase "file:${java.home}/lib/ext/cldrdata.jar" { 9 permission java.lang.RuntimePermission "accessClassInPackage.sun.text.*"; 10 permission java.lang.RuntimePermission "accessClassInPackage.sun.util.*"; 11 permission java.util.PropertyPermission "*", "read"; 12 }; 13 14 grant codeBase "file:${java.home}/lib/ext/localedata.jar" { 15 permission java.lang.RuntimePermission "accessClassInPackage.sun.text.*"; 16 permission java.lang.RuntimePermission "accessClassInPackage.sun.util.*"; 17 permission java.util.PropertyPermission "*", "read"; 18 }; 19 20 grant codeBase "file:${java.home}/lib/ext/dnsns.jar" { 21 permission java.security.AllPermission; 22 }; 23 24 grant codeBase "file:${java.home}/lib/ext/nashorn.jar" { 25 permission java.security.AllPermission; 26 }; 27 28 grant codeBase "file:${java.home}/lib/ext/sunec.jar" { 29 permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*"; 30 permission java.lang.RuntimePermission "loadLibrary.sunec"; 31 permission java.util.PropertyPermission "*", "read"; 32 permission java.security.SecurityPermission "putProviderProperty.SunEC"; 33 permission java.security.SecurityPermission "clearProviderProperties.SunEC"; 34 permission java.security.SecurityPermission "removeProviderProperty.SunEC"; 35 }; 36 37 grant codeBase "file:${java.home}/lib/ext/sunjce_provider.jar" { 38 permission java.lang.RuntimePermission "accessClassInPackage.sun.misc"; 39 permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*"; 40 permission java.util.PropertyPermission "*", "read"; 41 permission java.security.SecurityPermission "putProviderProperty.SunJCE"; 42 permission java.security.SecurityPermission "clearProviderProperties.SunJCE"; 43 permission java.security.SecurityPermission "removeProviderProperty.SunJCE"; 44 }; 45 46 grant codeBase "file:${java.home}/lib/ext/sunpkcs11.jar" { 47 permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*"; 48 permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.ch"; 49 permission java.lang.RuntimePermission "loadLibrary.j2pkcs11"; 50 permission java.util.PropertyPermission "*", "read"; 51 permission java.security.SecurityPermission "putProviderProperty.*"; 52 permission java.security.SecurityPermission "clearProviderProperties.*"; 53 permission java.security.SecurityPermission "removeProviderProperty.*"; 54 permission java.security.SecurityPermission "authProvider.*"; 55 // Needed for reading PKCS11 config file and NSS library check 56 permission java.io.FilePermission "<<ALL FILES>>", "read"; 57 }; 58 59 // default permissions granted to all domains 60 61 grant { 62 // Allows any thread to stop itself using the java.lang.Thread.stop() 63 // method that takes no argument. 64 // Note that this permission is granted by default only to remain 65 // backwards compatible. 66 // It is strongly recommended that you either remove this permission 67 // from this policy file or further restrict it to code sources 68 // that you specify, because Thread.stop() is potentially unsafe. 69 // See the API specification of java.lang.Thread.stop() for more 70 // information. 71 permission java.lang.RuntimePermission "stopThread"; 72 73 // allows anyone to listen on dynamic ports 74 permission java.net.SocketPermission "localhost:0", "listen"; 75 76 // "standard" properies that can be read by anyone 77 78 permission java.util.PropertyPermission "java.version", "read"; 79 permission java.util.PropertyPermission "java.vendor", "read"; 80 permission java.util.PropertyPermission "java.vendor.url", "read"; 81 permission java.util.PropertyPermission "java.class.version", "read"; 82 permission java.util.PropertyPermission "os.name", "read"; 83 permission java.util.PropertyPermission "os.version", "read"; 84 permission java.util.PropertyPermission "os.arch", "read"; 85 permission java.util.PropertyPermission "file.separator", "read"; 86 permission java.util.PropertyPermission "path.separator", "read"; 87 permission java.util.PropertyPermission "line.separator", "read"; 88 89 permission java.util.PropertyPermission "java.specification.version", "read"; 90 permission java.util.PropertyPermission "java.specification.vendor", "read"; 91 permission java.util.PropertyPermission "java.specification.name", "read"; 92 93 permission java.util.PropertyPermission "java.vm.specification.version", "read"; 94 permission java.util.PropertyPermission "java.vm.specification.vendor", "read"; 95 permission java.util.PropertyPermission "java.vm.specification.name", "read"; 96 permission java.util.PropertyPermission "java.vm.version", "read"; 97 permission java.util.PropertyPermission "java.vm.vendor", "read"; 98 permission java.util.PropertyPermission "java.vm.name", "read"; 99 }; 100