| author | chegar |
| Thu, 17 Oct 2019 20:54:25 +0100 | |
| branch | datagramsocketimpl-branch |
| changeset 58679 | 9c3209ff7550 |
| parent 58678 | 9cf78a70fa4f |
| parent 58080 | 931799bfbc10 |
| permissions | -rw-r--r-- |
|
39884
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
1 |
// |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
2 |
// Permissions required by modules stored in a run-time image and loaded |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
3 |
// by the platform class loader. |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
4 |
// |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
5 |
// NOTE that this file is not intended to be modified. If additional |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
6 |
// permissions need to be granted to the modules in this file, it is |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
7 |
// recommended that they be configured in a separate policy file or |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
8 |
// ${java.home}/conf/security/java.policy.
|
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
9 |
// |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
10 |
|
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
11 |
|
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
12 |
grant codeBase "jrt:/java.compiler" {
|
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
13 |
permission java.security.AllPermission; |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
14 |
}; |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
15 |
|
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
16 |
|
| 49765 | 17 |
grant codeBase "jrt:/java.net.http" {
|
18 |
permission java.lang.RuntimePermission "accessClassInPackage.sun.net"; |
|
19 |
permission java.lang.RuntimePermission "accessClassInPackage.sun.net.util"; |
|
20 |
permission java.lang.RuntimePermission "accessClassInPackage.sun.net.www"; |
|
21 |
permission java.lang.RuntimePermission "accessClassInPackage.jdk.internal.misc"; |
|
22 |
permission java.net.SocketPermission "*","connect,resolve"; |
|
23 |
permission java.net.URLPermission "http:*","*:*"; |
|
24 |
permission java.net.URLPermission "https:*","*:*"; |
|
25 |
permission java.net.URLPermission "ws:*","*:*"; |
|
26 |
permission java.net.URLPermission "wss:*","*:*"; |
|
27 |
permission java.net.URLPermission "socket:*","CONNECT"; // proxy |
|
28 |
// For request/response body processors, fromFile, asFile |
|
29 |
permission java.io.FilePermission "<<ALL FILES>>","read,write,delete"; |
|
30 |
permission java.util.PropertyPermission "*","read"; |
|
31 |
permission java.net.NetPermission "getProxySelector"; |
|
32 |
}; |
|
33 |
||
|
39884
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
34 |
grant codeBase "jrt:/java.scripting" {
|
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
35 |
permission java.security.AllPermission; |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
36 |
}; |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
37 |
|
|
39885
5b01da2e0368
8159528: Deprivilege java.security.jgss, jdk.security.jgss and jdk.security.auth
weijun
parents:
39884
diff
changeset
|
38 |
grant codeBase "jrt:/java.security.jgss" {
|
|
5b01da2e0368
8159528: Deprivilege java.security.jgss, jdk.security.jgss and jdk.security.auth
weijun
parents:
39884
diff
changeset
|
39 |
permission java.security.AllPermission; |
|
5b01da2e0368
8159528: Deprivilege java.security.jgss, jdk.security.jgss and jdk.security.auth
weijun
parents:
39884
diff
changeset
|
40 |
}; |
|
5b01da2e0368
8159528: Deprivilege java.security.jgss, jdk.security.jgss and jdk.security.auth
weijun
parents:
39884
diff
changeset
|
41 |
|
|
39884
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
42 |
grant codeBase "jrt:/java.smartcardio" {
|
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
43 |
permission javax.smartcardio.CardPermission "*", "*"; |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
44 |
permission java.lang.RuntimePermission "loadLibrary.j2pcsc"; |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
45 |
permission java.lang.RuntimePermission |
|
41812
16d830c87e7b
8168851: Tighten permissions granted to the java.smartcardio module
mullan
parents:
41603
diff
changeset
|
46 |
"accessClassInPackage.sun.security.jca"; |
|
16d830c87e7b
8168851: Tighten permissions granted to the java.smartcardio module
mullan
parents:
41603
diff
changeset
|
47 |
permission java.lang.RuntimePermission |
|
16d830c87e7b
8168851: Tighten permissions granted to the java.smartcardio module
mullan
parents:
41603
diff
changeset
|
48 |
"accessClassInPackage.sun.security.util"; |
|
16d830c87e7b
8168851: Tighten permissions granted to the java.smartcardio module
mullan
parents:
41603
diff
changeset
|
49 |
permission java.util.PropertyPermission |
|
16d830c87e7b
8168851: Tighten permissions granted to the java.smartcardio module
mullan
parents:
41603
diff
changeset
|
50 |
"javax.smartcardio.TerminalFactory.DefaultType", "read"; |
|
16d830c87e7b
8168851: Tighten permissions granted to the java.smartcardio module
mullan
parents:
41603
diff
changeset
|
51 |
permission java.util.PropertyPermission "os.name", "read"; |
|
16d830c87e7b
8168851: Tighten permissions granted to the java.smartcardio module
mullan
parents:
41603
diff
changeset
|
52 |
permission java.util.PropertyPermission "os.arch", "read"; |
|
16d830c87e7b
8168851: Tighten permissions granted to the java.smartcardio module
mullan
parents:
41603
diff
changeset
|
53 |
permission java.util.PropertyPermission "sun.arch.data.model", "read"; |
|
16d830c87e7b
8168851: Tighten permissions granted to the java.smartcardio module
mullan
parents:
41603
diff
changeset
|
54 |
permission java.util.PropertyPermission |
|
16d830c87e7b
8168851: Tighten permissions granted to the java.smartcardio module
mullan
parents:
41603
diff
changeset
|
55 |
"sun.security.smartcardio.library", "read"; |
|
16d830c87e7b
8168851: Tighten permissions granted to the java.smartcardio module
mullan
parents:
41603
diff
changeset
|
56 |
permission java.util.PropertyPermission |
|
16d830c87e7b
8168851: Tighten permissions granted to the java.smartcardio module
mullan
parents:
41603
diff
changeset
|
57 |
"sun.security.smartcardio.t0GetResponse", "read"; |
|
16d830c87e7b
8168851: Tighten permissions granted to the java.smartcardio module
mullan
parents:
41603
diff
changeset
|
58 |
permission java.util.PropertyPermission |
|
16d830c87e7b
8168851: Tighten permissions granted to the java.smartcardio module
mullan
parents:
41603
diff
changeset
|
59 |
"sun.security.smartcardio.t1GetResponse", "read"; |
|
16d830c87e7b
8168851: Tighten permissions granted to the java.smartcardio module
mullan
parents:
41603
diff
changeset
|
60 |
permission java.util.PropertyPermission |
|
16d830c87e7b
8168851: Tighten permissions granted to the java.smartcardio module
mullan
parents:
41603
diff
changeset
|
61 |
"sun.security.smartcardio.t1StripLe", "read"; |
|
39884
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
62 |
// needed for looking up native PC/SC library |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
63 |
permission java.io.FilePermission "<<ALL FILES>>","read"; |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
64 |
permission java.security.SecurityPermission "putProviderProperty.SunPCSC"; |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
65 |
permission java.security.SecurityPermission |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
66 |
"clearProviderProperties.SunPCSC"; |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
67 |
permission java.security.SecurityPermission |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
68 |
"removeProviderProperty.SunPCSC"; |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
69 |
}; |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
70 |
|
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
71 |
grant codeBase "jrt:/java.sql" {
|
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
72 |
permission java.security.AllPermission; |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
73 |
}; |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
74 |
|
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
75 |
grant codeBase "jrt:/java.sql.rowset" {
|
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
76 |
permission java.security.AllPermission; |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
77 |
}; |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
78 |
|
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
79 |
|
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
80 |
grant codeBase "jrt:/java.xml.crypto" {
|
| 43206 | 81 |
permission java.lang.RuntimePermission |
82 |
"accessClassInPackage.sun.security.util"; |
|
|
39884
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
83 |
permission java.util.PropertyPermission "*", "read"; |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
84 |
permission java.security.SecurityPermission "putProviderProperty.XMLDSig"; |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
85 |
permission java.security.SecurityPermission |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
86 |
"clearProviderProperties.XMLDSig"; |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
87 |
permission java.security.SecurityPermission |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
88 |
"removeProviderProperty.XMLDSig"; |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
89 |
permission java.security.SecurityPermission |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
90 |
"com.sun.org.apache.xml.internal.security.register"; |
|
40551
05eba5515cbb
8151893: Add security property to configure XML Signature secure validation mode
mullan
parents:
39885
diff
changeset
|
91 |
permission java.security.SecurityPermission |
|
05eba5515cbb
8151893: Add security property to configure XML Signature secure validation mode
mullan
parents:
39885
diff
changeset
|
92 |
"getProperty.jdk.xml.dsig.secureValidationPolicy"; |
|
43221
eef9383d25cb
8055206: Update SecurityManager::checkPackageAccess to restrict non-exported JDK packages by default
mullan
parents:
43206
diff
changeset
|
93 |
permission java.lang.RuntimePermission |
|
eef9383d25cb
8055206: Update SecurityManager::checkPackageAccess to restrict non-exported JDK packages by default
mullan
parents:
43206
diff
changeset
|
94 |
"accessClassInPackage.com.sun.org.apache.xml.internal.*"; |
|
eef9383d25cb
8055206: Update SecurityManager::checkPackageAccess to restrict non-exported JDK packages by default
mullan
parents:
43206
diff
changeset
|
95 |
permission java.lang.RuntimePermission |
|
eef9383d25cb
8055206: Update SecurityManager::checkPackageAccess to restrict non-exported JDK packages by default
mullan
parents:
43206
diff
changeset
|
96 |
"accessClassInPackage.com.sun.org.apache.xpath.internal"; |
|
eef9383d25cb
8055206: Update SecurityManager::checkPackageAccess to restrict non-exported JDK packages by default
mullan
parents:
43206
diff
changeset
|
97 |
permission java.lang.RuntimePermission |
|
eef9383d25cb
8055206: Update SecurityManager::checkPackageAccess to restrict non-exported JDK packages by default
mullan
parents:
43206
diff
changeset
|
98 |
"accessClassInPackage.com.sun.org.apache.xpath.internal.*"; |
|
39884
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
99 |
}; |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
100 |
|
|
45640
b35c4c2cada2
8182137: Missing permissions in deprivileged java.xml.bind and java.xml.ws modules
mchung
parents:
43996
diff
changeset
|
101 |
|
|
b35c4c2cada2
8182137: Missing permissions in deprivileged java.xml.bind and java.xml.ws modules
mchung
parents:
43996
diff
changeset
|
102 |
grant codeBase "jrt:/jdk.accessibility" {
|
|
b35c4c2cada2
8182137: Missing permissions in deprivileged java.xml.bind and java.xml.ws modules
mchung
parents:
43996
diff
changeset
|
103 |
permission java.lang.RuntimePermission "accessClassInPackage.sun.awt"; |
|
39884
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
104 |
}; |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
105 |
|
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
106 |
grant codeBase "jrt:/jdk.charsets" {
|
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
107 |
permission java.util.PropertyPermission "os.name", "read"; |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
108 |
permission java.lang.RuntimePermission "charsetProvider"; |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
109 |
permission java.lang.RuntimePermission |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
110 |
"accessClassInPackage.jdk.internal.misc"; |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
111 |
permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.cs"; |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
112 |
}; |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
113 |
|
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
114 |
grant codeBase "jrt:/jdk.crypto.ec" {
|
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
115 |
permission java.lang.RuntimePermission |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
116 |
"accessClassInPackage.sun.security.*"; |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
117 |
permission java.lang.RuntimePermission "loadLibrary.sunec"; |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
118 |
permission java.security.SecurityPermission "putProviderProperty.SunEC"; |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
119 |
permission java.security.SecurityPermission "clearProviderProperties.SunEC"; |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
120 |
permission java.security.SecurityPermission "removeProviderProperty.SunEC"; |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
121 |
}; |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
122 |
|
|
43248
5e15de85a1a0
8172527: Rename jdk.crypto.token to jdk.crypto.cryptoki
ascarpino
parents:
43245
diff
changeset
|
123 |
grant codeBase "jrt:/jdk.crypto.cryptoki" {
|
|
39884
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
124 |
permission java.lang.RuntimePermission |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
125 |
"accessClassInPackage.sun.security.*"; |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
126 |
permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.ch"; |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
127 |
permission java.lang.RuntimePermission "loadLibrary.j2pkcs11"; |
|
41603
bb9d97b4c21b
8168313: Tighten permissions granted to jdk.crypto.pkcs11 module
mullan
parents:
41556
diff
changeset
|
128 |
permission java.util.PropertyPermission "sun.security.pkcs11.allowSingleThreadedModules", "read"; |
|
53257
5170dc2bcf64
6913047: Long term memory leak when using PKCS11 and JCE exceeds 32 bit process address space
mbalao
parents:
51929
diff
changeset
|
129 |
permission java.util.PropertyPermission "sun.security.pkcs11.disableKeyExtraction", "read"; |
|
41603
bb9d97b4c21b
8168313: Tighten permissions granted to jdk.crypto.pkcs11 module
mullan
parents:
41556
diff
changeset
|
130 |
permission java.util.PropertyPermission "os.name", "read"; |
|
bb9d97b4c21b
8168313: Tighten permissions granted to jdk.crypto.pkcs11 module
mullan
parents:
41556
diff
changeset
|
131 |
permission java.util.PropertyPermission "os.arch", "read"; |
| 48580 | 132 |
permission java.util.PropertyPermission "jdk.crypto.KeyAgreement.legacyKDF", "read"; |
|
39884
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
133 |
permission java.security.SecurityPermission "putProviderProperty.*"; |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
134 |
permission java.security.SecurityPermission "clearProviderProperties.*"; |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
135 |
permission java.security.SecurityPermission "removeProviderProperty.*"; |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
136 |
permission java.security.SecurityPermission |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
137 |
"getProperty.auth.login.defaultCallbackHandler"; |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
138 |
permission java.security.SecurityPermission "authProvider.*"; |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
139 |
// Needed for reading PKCS11 config file and NSS library check |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
140 |
permission java.io.FilePermission "<<ALL FILES>>", "read"; |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
141 |
}; |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
142 |
|
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
143 |
grant codeBase "jrt:/jdk.dynalink" {
|
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
144 |
permission java.security.AllPermission; |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
145 |
}; |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
146 |
|
| 47267 | 147 |
grant codeBase "jrt:/jdk.httpserver" {
|
148 |
permission java.security.AllPermission; |
|
149 |
}; |
|
150 |
||
|
39884
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
151 |
grant codeBase "jrt:/jdk.internal.le" {
|
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
152 |
permission java.security.AllPermission; |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
153 |
}; |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
154 |
|
|
45640
b35c4c2cada2
8182137: Missing permissions in deprivileged java.xml.bind and java.xml.ws modules
mchung
parents:
43996
diff
changeset
|
155 |
grant codeBase "jrt:/jdk.internal.vm.compiler" {
|
|
b35c4c2cada2
8182137: Missing permissions in deprivileged java.xml.bind and java.xml.ws modules
mchung
parents:
43996
diff
changeset
|
156 |
permission java.security.AllPermission; |
|
b35c4c2cada2
8182137: Missing permissions in deprivileged java.xml.bind and java.xml.ws modules
mchung
parents:
43996
diff
changeset
|
157 |
}; |
|
b35c4c2cada2
8182137: Missing permissions in deprivileged java.xml.bind and java.xml.ws modules
mchung
parents:
43996
diff
changeset
|
158 |
|
|
47595
bb0c5c1a2785
8188775: Module jdk.internal.vm.compiler.management has not been granted accessClassInPackage.org.graalvm.compiler.hotspot
kvn
parents:
47267
diff
changeset
|
159 |
grant codeBase "jrt:/jdk.internal.vm.compiler.management" {
|
|
53292
8065db7231ae
8216151: [Graal] Module jdk.internal.vm.compiler.management has not been granted accessClassInPackage.org.graalvm.compiler.debug
kvn
parents:
51929
diff
changeset
|
160 |
permission java.lang.RuntimePermission "accessClassInPackage.jdk.internal.vm.compiler.collections"; |
|
48130
998c88ae423a
8189116: Give the jdk.internal.vm.compiler.management only the permissions it really needs to expose the bean
jtulach
parents:
47595
diff
changeset
|
161 |
permission java.lang.RuntimePermission "accessClassInPackage.jdk.vm.ci.runtime"; |
|
54384
cd3b7ad53265
8221782: [Graal] Module jdk.internal.vm.compiler.management has not been granted accessClassInPackage.jdk.vm.ci.services
kvn
parents:
53516
diff
changeset
|
162 |
permission java.lang.RuntimePermission "accessClassInPackage.jdk.vm.ci.services"; |
|
53292
8065db7231ae
8216151: [Graal] Module jdk.internal.vm.compiler.management has not been granted accessClassInPackage.org.graalvm.compiler.debug
kvn
parents:
51929
diff
changeset
|
163 |
permission java.lang.RuntimePermission "accessClassInPackage.org.graalvm.compiler.core.common"; |
|
8065db7231ae
8216151: [Graal] Module jdk.internal.vm.compiler.management has not been granted accessClassInPackage.org.graalvm.compiler.debug
kvn
parents:
51929
diff
changeset
|
164 |
permission java.lang.RuntimePermission "accessClassInPackage.org.graalvm.compiler.debug"; |
|
8065db7231ae
8216151: [Graal] Module jdk.internal.vm.compiler.management has not been granted accessClassInPackage.org.graalvm.compiler.debug
kvn
parents:
51929
diff
changeset
|
165 |
permission java.lang.RuntimePermission "accessClassInPackage.org.graalvm.compiler.hotspot"; |
|
8065db7231ae
8216151: [Graal] Module jdk.internal.vm.compiler.management has not been granted accessClassInPackage.org.graalvm.compiler.debug
kvn
parents:
51929
diff
changeset
|
166 |
permission java.lang.RuntimePermission "accessClassInPackage.org.graalvm.compiler.options"; |
|
8065db7231ae
8216151: [Graal] Module jdk.internal.vm.compiler.management has not been granted accessClassInPackage.org.graalvm.compiler.debug
kvn
parents:
51929
diff
changeset
|
167 |
permission java.lang.RuntimePermission "accessClassInPackage.org.graalvm.compiler.phases.common.jmx"; |
|
8065db7231ae
8216151: [Graal] Module jdk.internal.vm.compiler.management has not been granted accessClassInPackage.org.graalvm.compiler.debug
kvn
parents:
51929
diff
changeset
|
168 |
permission java.lang.RuntimePermission "accessClassInPackage.org.graalvm.compiler.serviceprovider"; |
|
47595
bb0c5c1a2785
8188775: Module jdk.internal.vm.compiler.management has not been granted accessClassInPackage.org.graalvm.compiler.hotspot
kvn
parents:
47267
diff
changeset
|
169 |
}; |
|
bb0c5c1a2785
8188775: Module jdk.internal.vm.compiler.management has not been granted accessClassInPackage.org.graalvm.compiler.hotspot
kvn
parents:
47267
diff
changeset
|
170 |
|
|
39884
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
171 |
grant codeBase "jrt:/jdk.jsobject" {
|
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
172 |
permission java.security.AllPermission; |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
173 |
}; |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
174 |
|
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
175 |
grant codeBase "jrt:/jdk.localedata" {
|
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
176 |
permission java.lang.RuntimePermission "accessClassInPackage.sun.text.*"; |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
177 |
permission java.lang.RuntimePermission "accessClassInPackage.sun.util.*"; |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
178 |
}; |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
179 |
|
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
180 |
grant codeBase "jrt:/jdk.naming.dns" {
|
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
181 |
permission java.security.AllPermission; |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
182 |
}; |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
183 |
|
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
184 |
grant codeBase "jrt:/jdk.scripting.nashorn" {
|
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
185 |
permission java.security.AllPermission; |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
186 |
}; |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
187 |
|
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
188 |
grant codeBase "jrt:/jdk.scripting.nashorn.shell" {
|
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
189 |
permission java.security.AllPermission; |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
190 |
}; |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
191 |
|
|
39885
5b01da2e0368
8159528: Deprivilege java.security.jgss, jdk.security.jgss and jdk.security.auth
weijun
parents:
39884
diff
changeset
|
192 |
grant codeBase "jrt:/jdk.security.auth" {
|
|
5b01da2e0368
8159528: Deprivilege java.security.jgss, jdk.security.jgss and jdk.security.auth
weijun
parents:
39884
diff
changeset
|
193 |
permission java.security.AllPermission; |
|
5b01da2e0368
8159528: Deprivilege java.security.jgss, jdk.security.jgss and jdk.security.auth
weijun
parents:
39884
diff
changeset
|
194 |
}; |
|
5b01da2e0368
8159528: Deprivilege java.security.jgss, jdk.security.jgss and jdk.security.auth
weijun
parents:
39884
diff
changeset
|
195 |
|
|
5b01da2e0368
8159528: Deprivilege java.security.jgss, jdk.security.jgss and jdk.security.auth
weijun
parents:
39884
diff
changeset
|
196 |
grant codeBase "jrt:/jdk.security.jgss" {
|
|
5b01da2e0368
8159528: Deprivilege java.security.jgss, jdk.security.jgss and jdk.security.auth
weijun
parents:
39884
diff
changeset
|
197 |
permission java.security.AllPermission; |
|
5b01da2e0368
8159528: Deprivilege java.security.jgss, jdk.security.jgss and jdk.security.auth
weijun
parents:
39884
diff
changeset
|
198 |
}; |
|
5b01da2e0368
8159528: Deprivilege java.security.jgss, jdk.security.jgss and jdk.security.auth
weijun
parents:
39884
diff
changeset
|
199 |
|
|
39884
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
200 |
grant codeBase "jrt:/jdk.zipfs" {
|
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
201 |
permission java.io.FilePermission "<<ALL FILES>>", "read,write,delete"; |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
202 |
permission java.lang.RuntimePermission "fileSystemProvider"; |
|
57665
bf325b739c8a
8213031: (zipfs) Add support for POSIX file permissions
clanger
parents:
54384
diff
changeset
|
203 |
permission java.lang.RuntimePermission "accessUserInformation"; |
|
41959
3b3918911a15
8168862: Tighten permissions granted to the jdk.zipfs module
sherman
parents:
41812
diff
changeset
|
204 |
permission java.util.PropertyPermission "os.name", "read"; |
|
53516
cd310319fead
8210469: Missing doPriviledged block and permission for jdk.zipfs module
lancea
parents:
53293
diff
changeset
|
205 |
permission java.util.PropertyPermission "user.dir", "read"; |
|
57665
bf325b739c8a
8213031: (zipfs) Add support for POSIX file permissions
clanger
parents:
54384
diff
changeset
|
206 |
permission java.util.PropertyPermission "user.name", "read"; |
|
39884
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
207 |
}; |
|
9a543219d0bb
8159752: Grant de-privileged module permissions by default with java.security.policy override option
mullan
parents:
diff
changeset
|
208 |
|
|
43245
bc7dea80c4d0
8173082: java/bean/* tests fail since change of JDK-8055206
mullan
parents:
43221
diff
changeset
|
209 |
// permissions needed by applications using java.desktop module |
|
bc7dea80c4d0
8173082: java/bean/* tests fail since change of JDK-8055206
mullan
parents:
43221
diff
changeset
|
210 |
grant {
|
|
bc7dea80c4d0
8173082: java/bean/* tests fail since change of JDK-8055206
mullan
parents:
43221
diff
changeset
|
211 |
permission java.lang.RuntimePermission "accessClassInPackage.com.sun.beans"; |
|
bc7dea80c4d0
8173082: java/bean/* tests fail since change of JDK-8055206
mullan
parents:
43221
diff
changeset
|
212 |
permission java.lang.RuntimePermission "accessClassInPackage.com.sun.beans.*"; |
|
bc7dea80c4d0
8173082: java/bean/* tests fail since change of JDK-8055206
mullan
parents:
43221
diff
changeset
|
213 |
permission java.lang.RuntimePermission "accessClassInPackage.com.sun.java.swing.plaf.*"; |
|
bc7dea80c4d0
8173082: java/bean/* tests fail since change of JDK-8055206
mullan
parents:
43221
diff
changeset
|
214 |
permission java.lang.RuntimePermission "accessClassInPackage.com.apple.*"; |
|
bc7dea80c4d0
8173082: java/bean/* tests fail since change of JDK-8055206
mullan
parents:
43221
diff
changeset
|
215 |
}; |