default.policy revision 15959:a3b46c0604d2
1// 2// Permissions required by modules stored in a run-time image and loaded 3// by the platform class loader. 4// 5// NOTE that this file is not intended to be modified. If additional 6// permissions need to be granted to the modules in this file, it is 7// recommended that they be configured in a separate policy file or 8// ${java.home}/conf/security/java.policy. 9// 10 11grant codeBase "jrt:/java.activation" { 12 permission java.security.AllPermission; 13}; 14 15grant codeBase "jrt:/java.compiler" { 16 permission java.security.AllPermission; 17}; 18 19grant codeBase "jrt:/java.corba" { 20 permission java.security.AllPermission; 21}; 22 23grant codeBase "jrt:/java.scripting" { 24 permission java.security.AllPermission; 25}; 26 27grant codeBase "jrt:/java.security.jgss" { 28 permission java.security.AllPermission; 29}; 30 31grant codeBase "jrt:/java.smartcardio" { 32 permission javax.smartcardio.CardPermission "*", "*"; 33 permission java.lang.RuntimePermission "loadLibrary.j2pcsc"; 34 permission java.lang.RuntimePermission 35 "accessClassInPackage.sun.security.jca"; 36 permission java.lang.RuntimePermission 37 "accessClassInPackage.sun.security.util"; 38 permission java.util.PropertyPermission 39 "javax.smartcardio.TerminalFactory.DefaultType", "read"; 40 permission java.util.PropertyPermission "os.name", "read"; 41 permission java.util.PropertyPermission "os.arch", "read"; 42 permission java.util.PropertyPermission "sun.arch.data.model", "read"; 43 permission java.util.PropertyPermission 44 "sun.security.smartcardio.library", "read"; 45 permission java.util.PropertyPermission 46 "sun.security.smartcardio.t0GetResponse", "read"; 47 permission java.util.PropertyPermission 48 "sun.security.smartcardio.t1GetResponse", "read"; 49 permission java.util.PropertyPermission 50 "sun.security.smartcardio.t1StripLe", "read"; 51 // needed for looking up native PC/SC library 52 permission java.io.FilePermission "<<ALL FILES>>","read"; 53 permission java.security.SecurityPermission "putProviderProperty.SunPCSC"; 54 permission java.security.SecurityPermission 55 "clearProviderProperties.SunPCSC"; 56 permission java.security.SecurityPermission 57 "removeProviderProperty.SunPCSC"; 58}; 59 60grant codeBase "jrt:/java.sql" { 61 permission java.security.AllPermission; 62}; 63 64grant codeBase "jrt:/java.sql.rowset" { 65 permission java.security.AllPermission; 66}; 67 68grant codeBase "jrt:/java.xml.bind" { 69 permission java.lang.RuntimePermission 70 "accessClassInPackage.com.sun.xml.internal.*"; 71 permission java.lang.RuntimePermission 72 "accessClassInPackage.com.sun.istack.internal"; 73 permission java.lang.RuntimePermission 74 "accessClassInPackage.com.sun.istack.internal.*"; 75 permission java.lang.RuntimePermission "accessDeclaredMembers"; 76 permission java.lang.reflect.ReflectPermission "suppressAccessChecks"; 77 permission java.util.PropertyPermission "*", "read"; 78}; 79 80grant codeBase "jrt:/java.xml.crypto" { 81 permission java.util.PropertyPermission "*", "read"; 82 permission java.security.SecurityPermission "putProviderProperty.XMLDSig"; 83 permission java.security.SecurityPermission 84 "clearProviderProperties.XMLDSig"; 85 permission java.security.SecurityPermission 86 "removeProviderProperty.XMLDSig"; 87 permission java.security.SecurityPermission 88 "com.sun.org.apache.xml.internal.security.register"; 89 permission java.security.SecurityPermission 90 "getProperty.jdk.xml.dsig.secureValidationPolicy"; 91}; 92 93grant codeBase "jrt:/java.xml.ws" { 94 permission java.lang.RuntimePermission 95 "accessClassInPackage.com.sun.xml.internal.*"; 96 permission java.lang.RuntimePermission 97 "accessClassInPackage.com.sun.istack.internal"; 98 permission java.lang.RuntimePermission 99 "accessClassInPackage.com.sun.istack.internal.*"; 100 permission java.lang.RuntimePermission 101 "accessClassInPackage.com.sun.org.apache.xerces.internal.*"; 102 permission java.lang.RuntimePermission "accessDeclaredMembers"; 103 permission java.lang.reflect.ReflectPermission "suppressAccessChecks"; 104 permission java.util.PropertyPermission "*", "read"; 105}; 106 107grant codeBase "jrt:/jdk.charsets" { 108 permission java.util.PropertyPermission "os.name", "read"; 109 permission java.util.PropertyPermission "sun.nio.cs.map", "read"; 110 permission java.lang.RuntimePermission "charsetProvider"; 111 permission java.lang.RuntimePermission 112 "accessClassInPackage.jdk.internal.misc"; 113 permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.cs"; 114}; 115 116grant codeBase "jrt:/jdk.crypto.ec" { 117 permission java.lang.RuntimePermission 118 "accessClassInPackage.sun.security.*"; 119 permission java.lang.RuntimePermission "loadLibrary.sunec"; 120 permission java.security.SecurityPermission "putProviderProperty.SunEC"; 121 permission java.security.SecurityPermission "clearProviderProperties.SunEC"; 122 permission java.security.SecurityPermission "removeProviderProperty.SunEC"; 123}; 124 125grant codeBase "jrt:/jdk.crypto.pkcs11" { 126 permission java.lang.RuntimePermission 127 "accessClassInPackage.sun.security.*"; 128 permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.ch"; 129 permission java.lang.RuntimePermission "loadLibrary.j2pkcs11"; 130 permission java.util.PropertyPermission "sun.security.pkcs11.allowSingleThreadedModules", "read"; 131 permission java.util.PropertyPermission "os.name", "read"; 132 permission java.util.PropertyPermission "os.arch", "read"; 133 permission java.security.SecurityPermission "putProviderProperty.*"; 134 permission java.security.SecurityPermission "clearProviderProperties.*"; 135 permission java.security.SecurityPermission "removeProviderProperty.*"; 136 permission java.security.SecurityPermission 137 "getProperty.auth.login.defaultCallbackHandler"; 138 permission java.security.SecurityPermission "authProvider.*"; 139 // Needed for reading PKCS11 config file and NSS library check 140 permission java.io.FilePermission "<<ALL FILES>>", "read"; 141}; 142 143grant codeBase "jrt:/jdk.dynalink" { 144 permission java.security.AllPermission; 145}; 146 147grant codeBase "jrt:/jdk.internal.le" { 148 permission java.security.AllPermission; 149}; 150 151grant codeBase "jrt:/jdk.jsobject" { 152 permission java.security.AllPermission; 153}; 154 155grant codeBase "jrt:/jdk.localedata" { 156 permission java.lang.RuntimePermission "accessClassInPackage.sun.text.*"; 157 permission java.lang.RuntimePermission "accessClassInPackage.sun.util.*"; 158 permission java.util.PropertyPermission "*", "read"; 159}; 160 161grant codeBase "jrt:/jdk.naming.dns" { 162 permission java.security.AllPermission; 163}; 164 165grant codeBase "jrt:/jdk.scripting.nashorn" { 166 permission java.security.AllPermission; 167}; 168 169grant codeBase "jrt:/jdk.scripting.nashorn.shell" { 170 permission java.security.AllPermission; 171}; 172 173grant codeBase "jrt:/jdk.security.auth" { 174 permission java.security.AllPermission; 175}; 176 177grant codeBase "jrt:/jdk.security.jgss" { 178 permission java.security.AllPermission; 179}; 180 181grant codeBase "jrt:/jdk.zipfs" { 182 permission java.io.FilePermission "<<ALL FILES>>", "read,write,delete"; 183 permission java.lang.RuntimePermission "fileSystemProvider"; 184 permission java.util.PropertyPermission "*", "read"; 185}; 186 187