--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/src/java.base/share/conf/security/java.policy	Sun Aug 17 15:54:13 2014 +0100
@@ -0,0 +1,102 @@
+// permissions required by each component
+grant codeBase "file:${java.home}/lib/ext/zipfs.jar" {
+        permission java.io.FilePermission "<<ALL FILES>>", "read,write,delete";
+        permission java.lang.RuntimePermission "fileSystemProvider";
+        permission java.util.PropertyPermission "*", "read";
+};
+
+grant codeBase "file:${java.home}/lib/ext/cldrdata.jar" {
+        permission java.lang.RuntimePermission "accessClassInPackage.sun.text.*";
+        permission java.lang.RuntimePermission "accessClassInPackage.sun.util.*";
+        permission java.util.PropertyPermission "*", "read";
+};
+
+grant codeBase "file:${java.home}/lib/ext/localedata.jar" {
+        permission java.lang.RuntimePermission "accessClassInPackage.sun.text.*";
+        permission java.lang.RuntimePermission "accessClassInPackage.sun.util.*";
+        permission java.util.PropertyPermission "*", "read";
+};
+
+grant codeBase "file:${java.home}/lib/ext/dnsns.jar" {
+        permission java.security.AllPermission;
+};
+
+grant codeBase "file:${java.home}/lib/ext/nashorn.jar" {
+        permission java.security.AllPermission;
+};
+
+grant codeBase "file:${java.home}/lib/ext/sunec.jar" {
+        permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*";
+        permission java.lang.RuntimePermission "loadLibrary.sunec";
+        permission java.util.PropertyPermission "*", "read";
+        permission java.security.SecurityPermission "putProviderProperty.SunEC";
+        permission java.security.SecurityPermission "clearProviderProperties.SunEC";
+        permission java.security.SecurityPermission "removeProviderProperty.SunEC";
+};
+
+grant codeBase "file:${java.home}/lib/ext/sunjce_provider.jar" {
+        permission java.lang.RuntimePermission "accessClassInPackage.sun.misc";
+        permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*";
+        permission java.util.PropertyPermission "*", "read";
+        permission java.security.SecurityPermission "putProviderProperty.SunJCE";
+        permission java.security.SecurityPermission "clearProviderProperties.SunJCE";
+        permission java.security.SecurityPermission "removeProviderProperty.SunJCE";
+};
+
+grant codeBase "file:${java.home}/lib/ext/sunpkcs11.jar" {
+        permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*";
+        permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.ch";
+        permission java.lang.RuntimePermission "loadLibrary.j2pkcs11";
+        // needs "security.pkcs11.allowSingleThreadedModules"
+        permission java.util.PropertyPermission "*", "read";
+        permission java.security.SecurityPermission "putProviderProperty.*";
+        permission java.security.SecurityPermission "clearProviderProperties.*";
+        permission java.security.SecurityPermission "removeProviderProperty.*";
+        permission java.security.SecurityPermission "getProperty.auth.login.defaultCallbackHandler";
+        permission java.security.SecurityPermission "authProvider.*";
+        // Needed for reading PKCS11 config file and NSS library check
+        permission java.io.FilePermission "<<ALL FILES>>", "read";
+};
+
+// default permissions granted to all domains
+
+grant {
+        // Allows any thread to stop itself using the java.lang.Thread.stop()
+        // method that takes no argument.
+        // Note that this permission is granted by default only to remain
+        // backwards compatible.
+        // It is strongly recommended that you either remove this permission
+        // from this policy file or further restrict it to code sources
+        // that you specify, because Thread.stop() is potentially unsafe.
+        // See the API specification of java.lang.Thread.stop() for more
+        // information.
+        permission java.lang.RuntimePermission "stopThread";
+
+        // allows anyone to listen on dynamic ports
+        permission java.net.SocketPermission "localhost:0", "listen";
+
+        // "standard" properies that can be read by anyone
+
+        permission java.util.PropertyPermission "java.version", "read";
+        permission java.util.PropertyPermission "java.vendor", "read";
+        permission java.util.PropertyPermission "java.vendor.url", "read";
+        permission java.util.PropertyPermission "java.class.version", "read";
+        permission java.util.PropertyPermission "os.name", "read";
+        permission java.util.PropertyPermission "os.version", "read";
+        permission java.util.PropertyPermission "os.arch", "read";
+        permission java.util.PropertyPermission "file.separator", "read";
+        permission java.util.PropertyPermission "path.separator", "read";
+        permission java.util.PropertyPermission "line.separator", "read";
+
+        permission java.util.PropertyPermission "java.specification.version", "read";
+        permission java.util.PropertyPermission "java.specification.vendor", "read";
+        permission java.util.PropertyPermission "java.specification.name", "read";
+
+        permission java.util.PropertyPermission "java.vm.specification.version", "read";
+        permission java.util.PropertyPermission "java.vm.specification.vendor", "read";
+        permission java.util.PropertyPermission "java.vm.specification.name", "read";
+        permission java.util.PropertyPermission "java.vm.version", "read";
+        permission java.util.PropertyPermission "java.vm.vendor", "read";
+        permission java.util.PropertyPermission "java.vm.name", "read";
+};
+