default.policy revision 15959:a3b46c0604d2 
1//
2// Permissions required by modules stored in a run-time image and loaded
3// by the platform class loader.
4//
5// NOTE that this file is not intended to be modified. If additional
6// permissions need to be granted to the modules in this file, it is
7// recommended that they be configured in a separate policy file or
8// ${java.home}/conf/security/java.policy.
9//
10
11grant codeBase "jrt:/java.activation" {
12    permission java.security.AllPermission;
13};
14
15grant codeBase "jrt:/java.compiler" {
16    permission java.security.AllPermission;
17};
18
19grant codeBase "jrt:/java.corba" {
20    permission java.security.AllPermission;
21};
22
23grant codeBase "jrt:/java.scripting" {
24    permission java.security.AllPermission;
25};
26
27grant codeBase "jrt:/java.security.jgss" {
28    permission java.security.AllPermission;
29};
30
31grant codeBase "jrt:/java.smartcardio" {
32    permission javax.smartcardio.CardPermission "*", "*";
33    permission java.lang.RuntimePermission "loadLibrary.j2pcsc";
34    permission java.lang.RuntimePermission
35                   "accessClassInPackage.sun.security.jca";
36    permission java.lang.RuntimePermission
37                   "accessClassInPackage.sun.security.util";
38    permission java.util.PropertyPermission
39                   "javax.smartcardio.TerminalFactory.DefaultType", "read";
40    permission java.util.PropertyPermission "os.name", "read";
41    permission java.util.PropertyPermission "os.arch", "read";
42    permission java.util.PropertyPermission "sun.arch.data.model", "read";
43    permission java.util.PropertyPermission
44                   "sun.security.smartcardio.library", "read";
45    permission java.util.PropertyPermission
46                   "sun.security.smartcardio.t0GetResponse", "read";
47    permission java.util.PropertyPermission
48                   "sun.security.smartcardio.t1GetResponse", "read";
49    permission java.util.PropertyPermission
50                   "sun.security.smartcardio.t1StripLe", "read";
51    // needed for looking up native PC/SC library
52    permission java.io.FilePermission "<<ALL FILES>>","read";
53    permission java.security.SecurityPermission "putProviderProperty.SunPCSC";
54    permission java.security.SecurityPermission
55                   "clearProviderProperties.SunPCSC";
56    permission java.security.SecurityPermission
57                   "removeProviderProperty.SunPCSC";
58};
59
60grant codeBase "jrt:/java.sql" {
61    permission java.security.AllPermission;
62};
63
64grant codeBase "jrt:/java.sql.rowset" {
65    permission java.security.AllPermission;
66};
67
68grant codeBase "jrt:/java.xml.bind" {
69    permission java.lang.RuntimePermission
70                   "accessClassInPackage.com.sun.xml.internal.*";
71    permission java.lang.RuntimePermission
72                   "accessClassInPackage.com.sun.istack.internal";
73    permission java.lang.RuntimePermission
74                   "accessClassInPackage.com.sun.istack.internal.*";
75    permission java.lang.RuntimePermission "accessDeclaredMembers";
76    permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
77    permission java.util.PropertyPermission "*", "read";
78};
79
80grant codeBase "jrt:/java.xml.crypto" {
81    permission java.util.PropertyPermission "*", "read";
82    permission java.security.SecurityPermission "putProviderProperty.XMLDSig";
83    permission java.security.SecurityPermission
84                   "clearProviderProperties.XMLDSig";
85    permission java.security.SecurityPermission
86                   "removeProviderProperty.XMLDSig";
87    permission java.security.SecurityPermission
88                   "com.sun.org.apache.xml.internal.security.register";
89    permission java.security.SecurityPermission
90                   "getProperty.jdk.xml.dsig.secureValidationPolicy";
91};
92
93grant codeBase "jrt:/java.xml.ws" {
94    permission java.lang.RuntimePermission
95                   "accessClassInPackage.com.sun.xml.internal.*";
96    permission java.lang.RuntimePermission
97                   "accessClassInPackage.com.sun.istack.internal";
98    permission java.lang.RuntimePermission
99                   "accessClassInPackage.com.sun.istack.internal.*";
100    permission java.lang.RuntimePermission
101                   "accessClassInPackage.com.sun.org.apache.xerces.internal.*";
102    permission java.lang.RuntimePermission "accessDeclaredMembers";
103    permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
104    permission java.util.PropertyPermission "*", "read";
105};
106
107grant codeBase "jrt:/jdk.charsets" {
108    permission java.util.PropertyPermission "os.name", "read";
109    permission java.util.PropertyPermission "sun.nio.cs.map", "read";
110    permission java.lang.RuntimePermission "charsetProvider";
111    permission java.lang.RuntimePermission
112                   "accessClassInPackage.jdk.internal.misc";
113    permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.cs";
114};
115
116grant codeBase "jrt:/jdk.crypto.ec" {
117    permission java.lang.RuntimePermission
118                   "accessClassInPackage.sun.security.*";
119    permission java.lang.RuntimePermission "loadLibrary.sunec";
120    permission java.security.SecurityPermission "putProviderProperty.SunEC";
121    permission java.security.SecurityPermission "clearProviderProperties.SunEC";
122    permission java.security.SecurityPermission "removeProviderProperty.SunEC";
123};
124
125grant codeBase "jrt:/jdk.crypto.pkcs11" {
126    permission java.lang.RuntimePermission
127                   "accessClassInPackage.sun.security.*";
128    permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.ch";
129    permission java.lang.RuntimePermission "loadLibrary.j2pkcs11";
130    permission java.util.PropertyPermission "sun.security.pkcs11.allowSingleThreadedModules", "read";
131    permission java.util.PropertyPermission "os.name", "read";
132    permission java.util.PropertyPermission "os.arch", "read";
133    permission java.security.SecurityPermission "putProviderProperty.*";
134    permission java.security.SecurityPermission "clearProviderProperties.*";
135    permission java.security.SecurityPermission "removeProviderProperty.*";
136    permission java.security.SecurityPermission
137                   "getProperty.auth.login.defaultCallbackHandler";
138    permission java.security.SecurityPermission "authProvider.*";
139    // Needed for reading PKCS11 config file and NSS library check
140    permission java.io.FilePermission "<<ALL FILES>>", "read";
141};
142
143grant codeBase "jrt:/jdk.dynalink" {
144    permission java.security.AllPermission;
145};
146
147grant codeBase "jrt:/jdk.internal.le" {
148    permission java.security.AllPermission;
149};
150
151grant codeBase "jrt:/jdk.jsobject" {
152    permission java.security.AllPermission;
153};
154
155grant codeBase "jrt:/jdk.localedata" {
156    permission java.lang.RuntimePermission "accessClassInPackage.sun.text.*";
157    permission java.lang.RuntimePermission "accessClassInPackage.sun.util.*";
158    permission java.util.PropertyPermission "*", "read";
159};
160
161grant codeBase "jrt:/jdk.naming.dns" {
162    permission java.security.AllPermission;
163};
164
165grant codeBase "jrt:/jdk.scripting.nashorn" {
166    permission java.security.AllPermission;
167};
168
169grant codeBase "jrt:/jdk.scripting.nashorn.shell" {
170    permission java.security.AllPermission;
171};
172
173grant codeBase "jrt:/jdk.security.auth" {
174    permission java.security.AllPermission;
175};
176
177grant codeBase "jrt:/jdk.security.jgss" {
178    permission java.security.AllPermission;
179};
180
181grant codeBase "jrt:/jdk.zipfs" {
182    permission java.io.FilePermission "<<ALL FILES>>", "read,write,delete";
183    permission java.lang.RuntimePermission "fileSystemProvider";
184    permission java.util.PropertyPermission "*", "read";
185};
186
187