--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/src/java.base/share/conf/security/java.policy Sun Aug 17 15:54:13 2014 +0100
@@ -0,0 +1,102 @@
+// permissions required by each component
+grant codeBase "file:${java.home}/lib/ext/zipfs.jar" {
+ permission java.io.FilePermission "<<ALL FILES>>", "read,write,delete";
+ permission java.lang.RuntimePermission "fileSystemProvider";
+ permission java.util.PropertyPermission "*", "read";
+};
+
+grant codeBase "file:${java.home}/lib/ext/cldrdata.jar" {
+ permission java.lang.RuntimePermission "accessClassInPackage.sun.text.*";
+ permission java.lang.RuntimePermission "accessClassInPackage.sun.util.*";
+ permission java.util.PropertyPermission "*", "read";
+};
+
+grant codeBase "file:${java.home}/lib/ext/localedata.jar" {
+ permission java.lang.RuntimePermission "accessClassInPackage.sun.text.*";
+ permission java.lang.RuntimePermission "accessClassInPackage.sun.util.*";
+ permission java.util.PropertyPermission "*", "read";
+};
+
+grant codeBase "file:${java.home}/lib/ext/dnsns.jar" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:${java.home}/lib/ext/nashorn.jar" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:${java.home}/lib/ext/sunec.jar" {
+ permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*";
+ permission java.lang.RuntimePermission "loadLibrary.sunec";
+ permission java.util.PropertyPermission "*", "read";
+ permission java.security.SecurityPermission "putProviderProperty.SunEC";
+ permission java.security.SecurityPermission "clearProviderProperties.SunEC";
+ permission java.security.SecurityPermission "removeProviderProperty.SunEC";
+};
+
+grant codeBase "file:${java.home}/lib/ext/sunjce_provider.jar" {
+ permission java.lang.RuntimePermission "accessClassInPackage.sun.misc";
+ permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*";
+ permission java.util.PropertyPermission "*", "read";
+ permission java.security.SecurityPermission "putProviderProperty.SunJCE";
+ permission java.security.SecurityPermission "clearProviderProperties.SunJCE";
+ permission java.security.SecurityPermission "removeProviderProperty.SunJCE";
+};
+
+grant codeBase "file:${java.home}/lib/ext/sunpkcs11.jar" {
+ permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*";
+ permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.ch";
+ permission java.lang.RuntimePermission "loadLibrary.j2pkcs11";
+ // needs "security.pkcs11.allowSingleThreadedModules"
+ permission java.util.PropertyPermission "*", "read";
+ permission java.security.SecurityPermission "putProviderProperty.*";
+ permission java.security.SecurityPermission "clearProviderProperties.*";
+ permission java.security.SecurityPermission "removeProviderProperty.*";
+ permission java.security.SecurityPermission "getProperty.auth.login.defaultCallbackHandler";
+ permission java.security.SecurityPermission "authProvider.*";
+ // Needed for reading PKCS11 config file and NSS library check
+ permission java.io.FilePermission "<<ALL FILES>>", "read";
+};
+
+// default permissions granted to all domains
+
+grant {
+ // Allows any thread to stop itself using the java.lang.Thread.stop()
+ // method that takes no argument.
+ // Note that this permission is granted by default only to remain
+ // backwards compatible.
+ // It is strongly recommended that you either remove this permission
+ // from this policy file or further restrict it to code sources
+ // that you specify, because Thread.stop() is potentially unsafe.
+ // See the API specification of java.lang.Thread.stop() for more
+ // information.
+ permission java.lang.RuntimePermission "stopThread";
+
+ // allows anyone to listen on dynamic ports
+ permission java.net.SocketPermission "localhost:0", "listen";
+
+ // "standard" properies that can be read by anyone
+
+ permission java.util.PropertyPermission "java.version", "read";
+ permission java.util.PropertyPermission "java.vendor", "read";
+ permission java.util.PropertyPermission "java.vendor.url", "read";
+ permission java.util.PropertyPermission "java.class.version", "read";
+ permission java.util.PropertyPermission "os.name", "read";
+ permission java.util.PropertyPermission "os.version", "read";
+ permission java.util.PropertyPermission "os.arch", "read";
+ permission java.util.PropertyPermission "file.separator", "read";
+ permission java.util.PropertyPermission "path.separator", "read";
+ permission java.util.PropertyPermission "line.separator", "read";
+
+ permission java.util.PropertyPermission "java.specification.version", "read";
+ permission java.util.PropertyPermission "java.specification.vendor", "read";
+ permission java.util.PropertyPermission "java.specification.name", "read";
+
+ permission java.util.PropertyPermission "java.vm.specification.version", "read";
+ permission java.util.PropertyPermission "java.vm.specification.vendor", "read";
+ permission java.util.PropertyPermission "java.vm.specification.name", "read";
+ permission java.util.PropertyPermission "java.vm.version", "read";
+ permission java.util.PropertyPermission "java.vm.vendor", "read";
+ permission java.util.PropertyPermission "java.vm.name", "read";
+};
+