Mercurial > repos > rliterman > csp2

annotate CSP2/CSP2_env/env-d9b9114564458d9d-741b3de822f2aaca6c6caa4325c4afce/lib/security/default.policy @ 69:33d812a61356

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
planemo upload commit 2e9511a184a1ca667c7be0c6321a36dc4e3d116d
author jpayne
date Tue, 18 Mar 2025 17:55:14 -0400
parents
children
rev   line source
jpayne@69 1 //
jpayne@69 2 // Permissions required by modules stored in a run-time image and loaded
jpayne@69 3 // by the platform class loader.
jpayne@69 4 //
jpayne@69 5 // NOTE that this file is not intended to be modified. If additional
jpayne@69 6 // permissions need to be granted to the modules in this file, it is
jpayne@69 7 // recommended that they be configured in a separate policy file or
jpayne@69 8 // ${java.home}/conf/security/java.policy.
jpayne@69 9 //
jpayne@69 10
jpayne@69 11
jpayne@69 12 grant codeBase "jrt:/java.compiler" {
jpayne@69 13 permission java.security.AllPermission;
jpayne@69 14 };
jpayne@69 15
jpayne@69 16
jpayne@69 17 grant codeBase "jrt:/java.net.http" {
jpayne@69 18 permission java.lang.RuntimePermission "accessClassInPackage.sun.net";
jpayne@69 19 permission java.lang.RuntimePermission "accessClassInPackage.sun.net.util";
jpayne@69 20 permission java.lang.RuntimePermission "accessClassInPackage.sun.net.www";
jpayne@69 21 permission java.lang.RuntimePermission "accessClassInPackage.jdk.internal.misc";
jpayne@69 22 permission java.net.SocketPermission "*","connect,resolve";
jpayne@69 23 permission java.net.URLPermission "http:*","*:*";
jpayne@69 24 permission java.net.URLPermission "https:*","*:*";
jpayne@69 25 permission java.net.URLPermission "ws:*","*:*";
jpayne@69 26 permission java.net.URLPermission "wss:*","*:*";
jpayne@69 27 permission java.net.URLPermission "socket:*","CONNECT"; // proxy
jpayne@69 28 // For request/response body processors, fromFile, asFile
jpayne@69 29 permission java.io.FilePermission "<<ALL FILES>>","read,write,delete";
jpayne@69 30 permission java.util.PropertyPermission "*","read";
jpayne@69 31 permission java.net.NetPermission "getProxySelector";
jpayne@69 32 };
jpayne@69 33
jpayne@69 34 grant codeBase "jrt:/java.scripting" {
jpayne@69 35 permission java.security.AllPermission;
jpayne@69 36 };
jpayne@69 37
jpayne@69 38 grant codeBase "jrt:/java.security.jgss" {
jpayne@69 39 permission java.security.AllPermission;
jpayne@69 40 };
jpayne@69 41
jpayne@69 42 grant codeBase "jrt:/java.smartcardio" {
jpayne@69 43 permission javax.smartcardio.CardPermission "*", "*";
jpayne@69 44 permission java.lang.RuntimePermission "loadLibrary.j2pcsc";
jpayne@69 45 permission java.lang.RuntimePermission
jpayne@69 46 "accessClassInPackage.sun.security.jca";
jpayne@69 47 permission java.lang.RuntimePermission
jpayne@69 48 "accessClassInPackage.sun.security.util";
jpayne@69 49 permission java.util.PropertyPermission
jpayne@69 50 "javax.smartcardio.TerminalFactory.DefaultType", "read";
jpayne@69 51 permission java.util.PropertyPermission "os.name", "read";
jpayne@69 52 permission java.util.PropertyPermission "os.arch", "read";
jpayne@69 53 permission java.util.PropertyPermission "sun.arch.data.model", "read";
jpayne@69 54 permission java.util.PropertyPermission
jpayne@69 55 "sun.security.smartcardio.library", "read";
jpayne@69 56 permission java.util.PropertyPermission
jpayne@69 57 "sun.security.smartcardio.t0GetResponse", "read";
jpayne@69 58 permission java.util.PropertyPermission
jpayne@69 59 "sun.security.smartcardio.t1GetResponse", "read";
jpayne@69 60 permission java.util.PropertyPermission
jpayne@69 61 "sun.security.smartcardio.t1StripLe", "read";
jpayne@69 62 // needed for looking up native PC/SC library
jpayne@69 63 permission java.io.FilePermission "<<ALL FILES>>","read";
jpayne@69 64 permission java.security.SecurityPermission "putProviderProperty.SunPCSC";
jpayne@69 65 permission java.security.SecurityPermission
jpayne@69 66 "clearProviderProperties.SunPCSC";
jpayne@69 67 permission java.security.SecurityPermission
jpayne@69 68 "removeProviderProperty.SunPCSC";
jpayne@69 69 };
jpayne@69 70
jpayne@69 71 grant codeBase "jrt:/java.sql" {
jpayne@69 72 permission java.security.AllPermission;
jpayne@69 73 };
jpayne@69 74
jpayne@69 75 grant codeBase "jrt:/java.sql.rowset" {
jpayne@69 76 permission java.security.AllPermission;
jpayne@69 77 };
jpayne@69 78
jpayne@69 79
jpayne@69 80 grant codeBase "jrt:/java.xml.crypto" {
jpayne@69 81 permission java.lang.RuntimePermission
jpayne@69 82 "accessClassInPackage.sun.security.util";
jpayne@69 83 permission java.util.PropertyPermission "*", "read";
jpayne@69 84 permission java.security.SecurityPermission "putProviderProperty.XMLDSig";
jpayne@69 85 permission java.security.SecurityPermission
jpayne@69 86 "clearProviderProperties.XMLDSig";
jpayne@69 87 permission java.security.SecurityPermission
jpayne@69 88 "removeProviderProperty.XMLDSig";
jpayne@69 89 permission java.security.SecurityPermission
jpayne@69 90 "com.sun.org.apache.xml.internal.security.register";
jpayne@69 91 permission java.security.SecurityPermission
jpayne@69 92 "getProperty.jdk.xml.dsig.secureValidationPolicy";
jpayne@69 93 permission java.lang.RuntimePermission
jpayne@69 94 "accessClassInPackage.com.sun.org.apache.xml.internal.*";
jpayne@69 95 permission java.lang.RuntimePermission
jpayne@69 96 "accessClassInPackage.com.sun.org.apache.xpath.internal";
jpayne@69 97 permission java.lang.RuntimePermission
jpayne@69 98 "accessClassInPackage.com.sun.org.apache.xpath.internal.*";
jpayne@69 99 };
jpayne@69 100
jpayne@69 101
jpayne@69 102 grant codeBase "jrt:/jdk.accessibility" {
jpayne@69 103 permission java.lang.RuntimePermission "accessClassInPackage.sun.awt";
jpayne@69 104 };
jpayne@69 105
jpayne@69 106 grant codeBase "jrt:/jdk.charsets" {
jpayne@69 107 permission java.util.PropertyPermission "os.name", "read";
jpayne@69 108 permission java.util.PropertyPermission "sun.nio.cs.map", "read";
jpayne@69 109 permission java.lang.RuntimePermission "charsetProvider";
jpayne@69 110 permission java.lang.RuntimePermission
jpayne@69 111 "accessClassInPackage.jdk.internal.misc";
jpayne@69 112 permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.cs";
jpayne@69 113 };
jpayne@69 114
jpayne@69 115 grant codeBase "jrt:/jdk.crypto.ec" {
jpayne@69 116 permission java.lang.RuntimePermission
jpayne@69 117 "accessClassInPackage.sun.security.*";
jpayne@69 118 permission java.lang.RuntimePermission "loadLibrary.sunec";
jpayne@69 119 permission java.security.SecurityPermission "putProviderProperty.SunEC";
jpayne@69 120 permission java.security.SecurityPermission "clearProviderProperties.SunEC";
jpayne@69 121 permission java.security.SecurityPermission "removeProviderProperty.SunEC";
jpayne@69 122 };
jpayne@69 123
jpayne@69 124 grant codeBase "jrt:/jdk.crypto.cryptoki" {
jpayne@69 125 permission java.lang.RuntimePermission
jpayne@69 126 "accessClassInPackage.sun.security.*";
jpayne@69 127 permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.ch";
jpayne@69 128 permission java.lang.RuntimePermission "loadLibrary.j2pkcs11";
jpayne@69 129 permission java.util.PropertyPermission "sun.security.pkcs11.allowSingleThreadedModules", "read";
jpayne@69 130 permission java.util.PropertyPermission "sun.security.pkcs11.disableKeyExtraction", "read";
jpayne@69 131 permission java.util.PropertyPermission "os.name", "read";
jpayne@69 132 permission java.util.PropertyPermission "os.arch", "read";
jpayne@69 133 permission java.util.PropertyPermission "jdk.crypto.KeyAgreement.legacyKDF", "read";
jpayne@69 134 permission java.security.SecurityPermission "putProviderProperty.*";
jpayne@69 135 permission java.security.SecurityPermission "clearProviderProperties.*";
jpayne@69 136 permission java.security.SecurityPermission "removeProviderProperty.*";
jpayne@69 137 permission java.security.SecurityPermission
jpayne@69 138 "getProperty.auth.login.defaultCallbackHandler";
jpayne@69 139 permission java.security.SecurityPermission "authProvider.*";
jpayne@69 140 // Needed for reading PKCS11 config file and NSS library check
jpayne@69 141 permission java.io.FilePermission "<<ALL FILES>>", "read";
jpayne@69 142 };
jpayne@69 143
jpayne@69 144 grant codeBase "jrt:/jdk.desktop" {
jpayne@69 145 permission java.lang.RuntimePermission "accessClassInPackage.com.sun.awt";
jpayne@69 146 };
jpayne@69 147
jpayne@69 148 grant codeBase "jrt:/jdk.dynalink" {
jpayne@69 149 permission java.security.AllPermission;
jpayne@69 150 };
jpayne@69 151
jpayne@69 152 grant codeBase "jrt:/jdk.httpserver" {
jpayne@69 153 permission java.security.AllPermission;
jpayne@69 154 };
jpayne@69 155
jpayne@69 156 grant codeBase "jrt:/jdk.internal.le" {
jpayne@69 157 permission java.security.AllPermission;
jpayne@69 158 };
jpayne@69 159
jpayne@69 160 grant codeBase "jrt:/jdk.internal.vm.compiler" {
jpayne@69 161 permission java.security.AllPermission;
jpayne@69 162 };
jpayne@69 163
jpayne@69 164 grant codeBase "jrt:/jdk.internal.vm.compiler.management" {
jpayne@69 165 permission java.lang.RuntimePermission "accessClassInPackage.jdk.internal.vm.compiler.collections";
jpayne@69 166 permission java.lang.RuntimePermission "accessClassInPackage.jdk.vm.ci.runtime";
jpayne@69 167 permission java.lang.RuntimePermission "accessClassInPackage.org.graalvm.compiler.core.common";
jpayne@69 168 permission java.lang.RuntimePermission "accessClassInPackage.org.graalvm.compiler.debug";
jpayne@69 169 permission java.lang.RuntimePermission "accessClassInPackage.org.graalvm.compiler.hotspot";
jpayne@69 170 permission java.lang.RuntimePermission "accessClassInPackage.org.graalvm.compiler.options";
jpayne@69 171 permission java.lang.RuntimePermission "accessClassInPackage.org.graalvm.compiler.phases.common.jmx";
jpayne@69 172 permission java.lang.RuntimePermission "accessClassInPackage.org.graalvm.compiler.serviceprovider";
jpayne@69 173 };
jpayne@69 174
jpayne@69 175 grant codeBase "jrt:/jdk.jsobject" {
jpayne@69 176 permission java.security.AllPermission;
jpayne@69 177 };
jpayne@69 178
jpayne@69 179 grant codeBase "jrt:/jdk.localedata" {
jpayne@69 180 permission java.lang.RuntimePermission "accessClassInPackage.sun.text.*";
jpayne@69 181 permission java.lang.RuntimePermission "accessClassInPackage.sun.util.*";
jpayne@69 182 };
jpayne@69 183
jpayne@69 184 grant codeBase "jrt:/jdk.naming.dns" {
jpayne@69 185 permission java.security.AllPermission;
jpayne@69 186 };
jpayne@69 187
jpayne@69 188 grant codeBase "jrt:/jdk.scripting.nashorn" {
jpayne@69 189 permission java.security.AllPermission;
jpayne@69 190 };
jpayne@69 191
jpayne@69 192 grant codeBase "jrt:/jdk.scripting.nashorn.shell" {
jpayne@69 193 permission java.security.AllPermission;
jpayne@69 194 };
jpayne@69 195
jpayne@69 196 grant codeBase "jrt:/jdk.security.auth" {
jpayne@69 197 permission java.security.AllPermission;
jpayne@69 198 };
jpayne@69 199
jpayne@69 200 grant codeBase "jrt:/jdk.security.jgss" {
jpayne@69 201 permission java.security.AllPermission;
jpayne@69 202 };
jpayne@69 203
jpayne@69 204 grant codeBase "jrt:/jdk.zipfs" {
jpayne@69 205 permission java.io.FilePermission "<<ALL FILES>>", "read,write,delete";
jpayne@69 206 permission java.lang.RuntimePermission "fileSystemProvider";
jpayne@69 207 permission java.lang.RuntimePermission "accessUserInformation";
jpayne@69 208 permission java.util.PropertyPermission "os.name", "read";
jpayne@69 209 };
jpayne@69 210
jpayne@69 211 // permissions needed by applications using java.desktop module
jpayne@69 212 grant {
jpayne@69 213 permission java.lang.RuntimePermission "accessClassInPackage.com.sun.beans";
jpayne@69 214 permission java.lang.RuntimePermission "accessClassInPackage.com.sun.beans.*";
jpayne@69 215 permission java.lang.RuntimePermission "accessClassInPackage.com.sun.java.swing.plaf.*";
jpayne@69 216 permission java.lang.RuntimePermission "accessClassInPackage.com.apple.*";
jpayne@69 217 };