|
1 // Standard extensions get all permissions by default |
|
2 |
|
3 grant codeBase "file:${java.home}/lib/ext/*" { |
|
4 permission java.security.AllPermission; |
|
5 }; |
|
6 |
|
7 // default permissions granted to all domains |
|
8 grant { |
|
9 // Allows any thread to stop itself using the java.lang.Thread.stop() |
|
10 // method that takes no argument. |
|
11 // Note that this permission is granted by default only to remain |
|
12 // backwards compatible. |
|
13 // It is strongly recommended that you either remove this permission |
|
14 // from this policy file or further restrict it to code sources |
|
15 // that you specify, because Thread.stop() is potentially unsafe. |
|
16 // See "http://java.sun.com/notes" for more information. |
|
17 permission java.lang.RuntimePermission "stopThread"; |
|
18 |
|
19 // allows anyone to listen on un-privileged ports |
|
20 permission java.net.SocketPermission "localhost:1024-", "listen"; |
|
21 |
|
22 // "standard" properies that can be read by anyone |
|
23 |
|
24 permission java.util.PropertyPermission "java.version", "read"; |
|
25 permission java.util.PropertyPermission "java.vendor", "read"; |
|
26 permission java.util.PropertyPermission "java.vendor.url", "read"; |
|
27 permission java.util.PropertyPermission "java.class.version", "read"; |
|
28 permission java.util.PropertyPermission "os.name", "read"; |
|
29 permission java.util.PropertyPermission "os.version", "read"; |
|
30 permission java.util.PropertyPermission "os.arch", "read"; |
|
31 permission java.util.PropertyPermission "file.separator", "read"; |
|
32 permission java.util.PropertyPermission "path.separator", "read"; |
|
33 permission java.util.PropertyPermission "line.separator", "read"; |
|
34 |
|
35 permission java.util.PropertyPermission "java.specification.version", "read"; |
|
36 permission java.util.PropertyPermission "java.specification.vendor", "read"; |
|
37 permission java.util.PropertyPermission "java.specification.name", "read"; |
|
38 |
|
39 permission java.util.PropertyPermission "java.vm.specification.version", "read"; |
|
40 permission java.util.PropertyPermission "java.vm.specification.vendor", "read"; |
|
41 permission java.util.PropertyPermission "java.vm.specification.name", "read"; |
|
42 permission java.util.PropertyPermission "java.vm.version", "read"; |
|
43 permission java.util.PropertyPermission "java.vm.vendor", "read"; |
|
44 permission java.util.PropertyPermission "java.vm.name", "read"; |
|
45 |
|
46 permission java.io.FilePermission "*","read,write"; |
|
47 |
|
48 }; |
|
49 |
|
50 grant codeBase "file:/-" { |
|
51 permission java.security.AllPermission; |
|
52 permission java.io.FilePermission "*","read,write"; |
|
53 }; |
|
54 |
|
55 grant principal javax.management.remote.JMXPrincipal "SQE_username" { |
|
56 permission javax.management.MBeanServerPermission "*"; |
|
57 permission javax.management.MBeanPermission "Simple", "instantiate"; |
|
58 permission javax.management.MBeanPermission "Simple", "registerMBean"; |
|
59 }; |
|
60 |
|
61 grant principal javax.management.remote.JMXPrincipal "username1" { |
|
62 // |
|
63 // JMXPrincipals "username1" has all permissions. |
|
64 // |
|
65 permission java.security.AllPermission; |
|
66 }; |
|
67 |
|
68 grant principal javax.management.remote.JMXPrincipal "username2" { |
|
69 // |
|
70 // JMXPrincipals "username2" has all permissions. |
|
71 // |
|
72 permission java.security.AllPermission; |
|
73 }; |
|
74 |
|
75 grant principal javax.management.remote.JMXPrincipal "username3" { |
|
76 // |
|
77 // JMXPrincipals "username3" has some permissions. |
|
78 // |
|
79 permission javax.management.MBeanPermission "Simple", "instantiate"; |
|
80 permission javax.management.MBeanPermission "Simple", "registerMBean"; |
|
81 permission javax.management.MBeanPermission "Simple", "setAttribute"; |
|
82 permission javax.management.MBeanPermission "Simple", "invoke"; |
|
83 }; |
|
84 |
|
85 grant principal javax.management.remote.JMXPrincipal "username4" { |
|
86 // |
|
87 // JMXPrincipals "username4" has all permissions. |
|
88 // |
|
89 permission javax.management.MBeanPermission "Simple", "instantiate"; |
|
90 permission javax.management.MBeanPermission "Simple", "registerMBean"; |
|
91 permission javax.management.MBeanPermission "Simple", "invoke"; |
|
92 }; |
|
93 |
|
94 grant principal javax.management.remote.JMXPrincipal "username5" { |
|
95 // |
|
96 // JMXPrincipals "username5" has no permissions. |
|
97 // |
|
98 }; |