1 //
2 // Permissions required by modules stored in a run-time image and loaded
3 // by the platform class loader.
4 //
5 // NOTE that this file is not intended to be modified. If additional
6 // permissions need to be granted to the modules in this file, it is
7 // recommended that they be configured in a separate policy file or
8 // ${java.home}/conf/security/java.policy.
9 //
10
11 grant codeBase "jrt:/java.activation" {
12 permission java.security.AllPermission;
13 };
14
15 grant codeBase "jrt:/java.compiler" {
16 permission java.security.AllPermission;
17 };
18
19 grant codeBase "jrt:/java.corba" {
20 permission java.security.AllPermission;
21 };
22
23 grant codeBase "jrt:/jdk.incubator.httpclient" {
24 };
25
26 grant codeBase "jrt:/java.scripting" {
27 permission java.security.AllPermission;
28 };
29
30 grant codeBase "jrt:/java.security.jgss" {
31 permission java.security.AllPermission;
32 };
33
34 grant codeBase "jrt:/java.smartcardio" {
35 permission javax.smartcardio.CardPermission "*", "*";
36 permission java.lang.RuntimePermission "loadLibrary.j2pcsc";
37 permission java.lang.RuntimePermission
38 "accessClassInPackage.sun.security.jca";
39 permission java.lang.RuntimePermission
40 "accessClassInPackage.sun.security.util";
41 permission java.util.PropertyPermission
42 "javax.smartcardio.TerminalFactory.DefaultType", "read";
43 permission java.util.PropertyPermission "os.name", "read";
44 permission java.util.PropertyPermission "os.arch", "read";
45 permission java.util.PropertyPermission "sun.arch.data.model", "read";
46 permission java.util.PropertyPermission
47 "sun.security.smartcardio.library", "read";
48 permission java.util.PropertyPermission
49 "sun.security.smartcardio.t0GetResponse", "read";
50 permission java.util.PropertyPermission
51 "sun.security.smartcardio.t1GetResponse", "read";
52 permission java.util.PropertyPermission
53 "sun.security.smartcardio.t1StripLe", "read";
54 // needed for looking up native PC/SC library
55 permission java.io.FilePermission "<<ALL FILES>>","read";
56 permission java.security.SecurityPermission "putProviderProperty.SunPCSC";
57 permission java.security.SecurityPermission
58 "clearProviderProperties.SunPCSC";
59 permission java.security.SecurityPermission
60 "removeProviderProperty.SunPCSC";
61 };
62
63 grant codeBase "jrt:/java.sql" {
64 permission java.security.AllPermission;
65 };
66
67 grant codeBase "jrt:/java.sql.rowset" {
68 permission java.security.AllPermission;
69 };
70
71 grant codeBase "jrt:/java.xml.bind" {
72 permission java.lang.RuntimePermission
73 "accessClassInPackage.com.sun.xml.internal.*";
74 permission java.lang.RuntimePermission
75 "accessClassInPackage.com.sun.istack.internal";
76 permission java.lang.RuntimePermission
77 "accessClassInPackage.com.sun.istack.internal.*";
78 permission java.lang.RuntimePermission "accessDeclaredMembers";
79 permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
80 permission java.util.PropertyPermission "*", "read";
81 };
82
83 grant codeBase "jrt:/java.xml.crypto" {
84 permission java.util.PropertyPermission "*", "read";
85 permission java.security.SecurityPermission "putProviderProperty.XMLDSig";
86 permission java.security.SecurityPermission
87 "clearProviderProperties.XMLDSig";
88 permission java.security.SecurityPermission
89 "removeProviderProperty.XMLDSig";
90 permission java.security.SecurityPermission
91 "com.sun.org.apache.xml.internal.security.register";
92 permission java.security.SecurityPermission
93 "getProperty.jdk.xml.dsig.secureValidationPolicy";
94 };
95
96 grant codeBase "jrt:/java.xml.ws" {
97 permission java.lang.RuntimePermission
98 "accessClassInPackage.com.sun.xml.internal.*";
99 permission java.lang.RuntimePermission
100 "accessClassInPackage.com.sun.istack.internal";
101 permission java.lang.RuntimePermission
102 "accessClassInPackage.com.sun.istack.internal.*";
103 permission java.lang.RuntimePermission
104 "accessClassInPackage.com.sun.org.apache.xerces.internal.*";
105 permission java.lang.RuntimePermission "accessDeclaredMembers";
106 permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
107 permission java.util.PropertyPermission "*", "read";
108 };
109
110 grant codeBase "jrt:/jdk.charsets" {
111 permission java.util.PropertyPermission "os.name", "read";
112 permission java.util.PropertyPermission "sun.nio.cs.map", "read";
113 permission java.lang.RuntimePermission "charsetProvider";
114 permission java.lang.RuntimePermission
115 "accessClassInPackage.jdk.internal.misc";
116 permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.cs";
117 };
118
119 grant codeBase "jrt:/jdk.crypto.ec" {
120 permission java.lang.RuntimePermission
121 "accessClassInPackage.sun.security.*";
122 permission java.lang.RuntimePermission "loadLibrary.sunec";
123 permission java.security.SecurityPermission "putProviderProperty.SunEC";
124 permission java.security.SecurityPermission "clearProviderProperties.SunEC";
125 permission java.security.SecurityPermission "removeProviderProperty.SunEC";
126 };
127
128 grant codeBase "jrt:/jdk.crypto.pkcs11" {
129 permission java.lang.RuntimePermission
130 "accessClassInPackage.sun.security.*";
131 permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.ch";
132 permission java.lang.RuntimePermission "loadLibrary.j2pkcs11";
133 permission java.util.PropertyPermission "sun.security.pkcs11.allowSingleThreadedModules", "read";
134 permission java.util.PropertyPermission "os.name", "read";
135 permission java.util.PropertyPermission "os.arch", "read";
136 permission java.security.SecurityPermission "putProviderProperty.*";
137 permission java.security.SecurityPermission "clearProviderProperties.*";
138 permission java.security.SecurityPermission "removeProviderProperty.*";
139 permission java.security.SecurityPermission
140 "getProperty.auth.login.defaultCallbackHandler";
141 permission java.security.SecurityPermission "authProvider.*";
142 // Needed for reading PKCS11 config file and NSS library check
143 permission java.io.FilePermission "<<ALL FILES>>", "read";
144 };
145
146 grant codeBase "jrt:/jdk.dynalink" {
147 permission java.security.AllPermission;
148 };
149
150 grant codeBase "jrt:/jdk.internal.le" {
151 permission java.security.AllPermission;
152 };
153
154 grant codeBase "jrt:/jdk.jsobject" {
155 permission java.security.AllPermission;
156 };
157
158 grant codeBase "jrt:/jdk.localedata" {
159 permission java.lang.RuntimePermission "accessClassInPackage.sun.text.*";
160 permission java.lang.RuntimePermission "accessClassInPackage.sun.util.*";
161 };
162
163 grant codeBase "jrt:/jdk.naming.dns" {
164 permission java.security.AllPermission;
165 };
166
167 grant codeBase "jrt:/jdk.scripting.nashorn" {
168 permission java.security.AllPermission;
169 };
170
171 grant codeBase "jrt:/jdk.scripting.nashorn.shell" {
172 permission java.security.AllPermission;
173 };
174
175 grant codeBase "jrt:/jdk.security.auth" {
176 permission java.security.AllPermission;
177 };
178
179 grant codeBase "jrt:/jdk.security.jgss" {
180 permission java.security.AllPermission;
181 };
182
183 grant codeBase "jrt:/jdk.zipfs" {
184 permission java.io.FilePermission "<<ALL FILES>>", "read,write,delete";
185 permission java.lang.RuntimePermission "fileSystemProvider";
186 permission java.util.PropertyPermission "os.name", "read";
187 };
188