Mercurial > repos > rliterman > csp2

annotate CSP2/CSP2_env/env-d9b9114564458d9d-741b3de822f2aaca6c6caa4325c4afce/lib/security/default.policy @ 68:5028fdace37b

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
planemo upload commit 2e9511a184a1ca667c7be0c6321a36dc4e3d116d
author jpayne
date Tue, 18 Mar 2025 16:23:26 -0400
parents
children
rev   line source
jpayne@68 1 //
jpayne@68 2 // Permissions required by modules stored in a run-time image and loaded
jpayne@68 3 // by the platform class loader.
jpayne@68 4 //
jpayne@68 5 // NOTE that this file is not intended to be modified. If additional
jpayne@68 6 // permissions need to be granted to the modules in this file, it is
jpayne@68 7 // recommended that they be configured in a separate policy file or
jpayne@68 8 // ${java.home}/conf/security/java.policy.
jpayne@68 9 //
jpayne@68 10
jpayne@68 11
jpayne@68 12 grant codeBase "jrt:/java.compiler" {
jpayne@68 13 permission java.security.AllPermission;
jpayne@68 14 };
jpayne@68 15
jpayne@68 16
jpayne@68 17 grant codeBase "jrt:/java.net.http" {
jpayne@68 18 permission java.lang.RuntimePermission "accessClassInPackage.sun.net";
jpayne@68 19 permission java.lang.RuntimePermission "accessClassInPackage.sun.net.util";
jpayne@68 20 permission java.lang.RuntimePermission "accessClassInPackage.sun.net.www";
jpayne@68 21 permission java.lang.RuntimePermission "accessClassInPackage.jdk.internal.misc";
jpayne@68 22 permission java.net.SocketPermission "*","connect,resolve";
jpayne@68 23 permission java.net.URLPermission "http:*","*:*";
jpayne@68 24 permission java.net.URLPermission "https:*","*:*";
jpayne@68 25 permission java.net.URLPermission "ws:*","*:*";
jpayne@68 26 permission java.net.URLPermission "wss:*","*:*";
jpayne@68 27 permission java.net.URLPermission "socket:*","CONNECT"; // proxy
jpayne@68 28 // For request/response body processors, fromFile, asFile
jpayne@68 29 permission java.io.FilePermission "<<ALL FILES>>","read,write,delete";
jpayne@68 30 permission java.util.PropertyPermission "*","read";
jpayne@68 31 permission java.net.NetPermission "getProxySelector";
jpayne@68 32 };
jpayne@68 33
jpayne@68 34 grant codeBase "jrt:/java.scripting" {
jpayne@68 35 permission java.security.AllPermission;
jpayne@68 36 };
jpayne@68 37
jpayne@68 38 grant codeBase "jrt:/java.security.jgss" {
jpayne@68 39 permission java.security.AllPermission;
jpayne@68 40 };
jpayne@68 41
jpayne@68 42 grant codeBase "jrt:/java.smartcardio" {
jpayne@68 43 permission javax.smartcardio.CardPermission "*", "*";
jpayne@68 44 permission java.lang.RuntimePermission "loadLibrary.j2pcsc";
jpayne@68 45 permission java.lang.RuntimePermission
jpayne@68 46 "accessClassInPackage.sun.security.jca";
jpayne@68 47 permission java.lang.RuntimePermission
jpayne@68 48 "accessClassInPackage.sun.security.util";
jpayne@68 49 permission java.util.PropertyPermission
jpayne@68 50 "javax.smartcardio.TerminalFactory.DefaultType", "read";
jpayne@68 51 permission java.util.PropertyPermission "os.name", "read";
jpayne@68 52 permission java.util.PropertyPermission "os.arch", "read";
jpayne@68 53 permission java.util.PropertyPermission "sun.arch.data.model", "read";
jpayne@68 54 permission java.util.PropertyPermission
jpayne@68 55 "sun.security.smartcardio.library", "read";
jpayne@68 56 permission java.util.PropertyPermission
jpayne@68 57 "sun.security.smartcardio.t0GetResponse", "read";
jpayne@68 58 permission java.util.PropertyPermission
jpayne@68 59 "sun.security.smartcardio.t1GetResponse", "read";
jpayne@68 60 permission java.util.PropertyPermission
jpayne@68 61 "sun.security.smartcardio.t1StripLe", "read";
jpayne@68 62 // needed for looking up native PC/SC library
jpayne@68 63 permission java.io.FilePermission "<<ALL FILES>>","read";
jpayne@68 64 permission java.security.SecurityPermission "putProviderProperty.SunPCSC";
jpayne@68 65 permission java.security.SecurityPermission
jpayne@68 66 "clearProviderProperties.SunPCSC";
jpayne@68 67 permission java.security.SecurityPermission
jpayne@68 68 "removeProviderProperty.SunPCSC";
jpayne@68 69 };
jpayne@68 70
jpayne@68 71 grant codeBase "jrt:/java.sql" {
jpayne@68 72 permission java.security.AllPermission;
jpayne@68 73 };
jpayne@68 74
jpayne@68 75 grant codeBase "jrt:/java.sql.rowset" {
jpayne@68 76 permission java.security.AllPermission;
jpayne@68 77 };
jpayne@68 78
jpayne@68 79
jpayne@68 80 grant codeBase "jrt:/java.xml.crypto" {
jpayne@68 81 permission java.lang.RuntimePermission
jpayne@68 82 "accessClassInPackage.sun.security.util";
jpayne@68 83 permission java.util.PropertyPermission "*", "read";
jpayne@68 84 permission java.security.SecurityPermission "putProviderProperty.XMLDSig";
jpayne@68 85 permission java.security.SecurityPermission
jpayne@68 86 "clearProviderProperties.XMLDSig";
jpayne@68 87 permission java.security.SecurityPermission
jpayne@68 88 "removeProviderProperty.XMLDSig";
jpayne@68 89 permission java.security.SecurityPermission
jpayne@68 90 "com.sun.org.apache.xml.internal.security.register";
jpayne@68 91 permission java.security.SecurityPermission
jpayne@68 92 "getProperty.jdk.xml.dsig.secureValidationPolicy";
jpayne@68 93 permission java.lang.RuntimePermission
jpayne@68 94 "accessClassInPackage.com.sun.org.apache.xml.internal.*";
jpayne@68 95 permission java.lang.RuntimePermission
jpayne@68 96 "accessClassInPackage.com.sun.org.apache.xpath.internal";
jpayne@68 97 permission java.lang.RuntimePermission
jpayne@68 98 "accessClassInPackage.com.sun.org.apache.xpath.internal.*";
jpayne@68 99 };
jpayne@68 100
jpayne@68 101
jpayne@68 102 grant codeBase "jrt:/jdk.accessibility" {
jpayne@68 103 permission java.lang.RuntimePermission "accessClassInPackage.sun.awt";
jpayne@68 104 };
jpayne@68 105
jpayne@68 106 grant codeBase "jrt:/jdk.charsets" {
jpayne@68 107 permission java.util.PropertyPermission "os.name", "read";
jpayne@68 108 permission java.util.PropertyPermission "sun.nio.cs.map", "read";
jpayne@68 109 permission java.lang.RuntimePermission "charsetProvider";
jpayne@68 110 permission java.lang.RuntimePermission
jpayne@68 111 "accessClassInPackage.jdk.internal.misc";
jpayne@68 112 permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.cs";
jpayne@68 113 };
jpayne@68 114
jpayne@68 115 grant codeBase "jrt:/jdk.crypto.ec" {
jpayne@68 116 permission java.lang.RuntimePermission
jpayne@68 117 "accessClassInPackage.sun.security.*";
jpayne@68 118 permission java.lang.RuntimePermission "loadLibrary.sunec";
jpayne@68 119 permission java.security.SecurityPermission "putProviderProperty.SunEC";
jpayne@68 120 permission java.security.SecurityPermission "clearProviderProperties.SunEC";
jpayne@68 121 permission java.security.SecurityPermission "removeProviderProperty.SunEC";
jpayne@68 122 };
jpayne@68 123
jpayne@68 124 grant codeBase "jrt:/jdk.crypto.cryptoki" {
jpayne@68 125 permission java.lang.RuntimePermission
jpayne@68 126 "accessClassInPackage.sun.security.*";
jpayne@68 127 permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.ch";
jpayne@68 128 permission java.lang.RuntimePermission "loadLibrary.j2pkcs11";
jpayne@68 129 permission java.util.PropertyPermission "sun.security.pkcs11.allowSingleThreadedModules", "read";
jpayne@68 130 permission java.util.PropertyPermission "sun.security.pkcs11.disableKeyExtraction", "read";
jpayne@68 131 permission java.util.PropertyPermission "os.name", "read";
jpayne@68 132 permission java.util.PropertyPermission "os.arch", "read";
jpayne@68 133 permission java.util.PropertyPermission "jdk.crypto.KeyAgreement.legacyKDF", "read";
jpayne@68 134 permission java.security.SecurityPermission "putProviderProperty.*";
jpayne@68 135 permission java.security.SecurityPermission "clearProviderProperties.*";
jpayne@68 136 permission java.security.SecurityPermission "removeProviderProperty.*";
jpayne@68 137 permission java.security.SecurityPermission
jpayne@68 138 "getProperty.auth.login.defaultCallbackHandler";
jpayne@68 139 permission java.security.SecurityPermission "authProvider.*";
jpayne@68 140 // Needed for reading PKCS11 config file and NSS library check
jpayne@68 141 permission java.io.FilePermission "<<ALL FILES>>", "read";
jpayne@68 142 };
jpayne@68 143
jpayne@68 144 grant codeBase "jrt:/jdk.desktop" {
jpayne@68 145 permission java.lang.RuntimePermission "accessClassInPackage.com.sun.awt";
jpayne@68 146 };
jpayne@68 147
jpayne@68 148 grant codeBase "jrt:/jdk.dynalink" {
jpayne@68 149 permission java.security.AllPermission;
jpayne@68 150 };
jpayne@68 151
jpayne@68 152 grant codeBase "jrt:/jdk.httpserver" {
jpayne@68 153 permission java.security.AllPermission;
jpayne@68 154 };
jpayne@68 155
jpayne@68 156 grant codeBase "jrt:/jdk.internal.le" {
jpayne@68 157 permission java.security.AllPermission;
jpayne@68 158 };
jpayne@68 159
jpayne@68 160 grant codeBase "jrt:/jdk.internal.vm.compiler" {
jpayne@68 161 permission java.security.AllPermission;
jpayne@68 162 };
jpayne@68 163
jpayne@68 164 grant codeBase "jrt:/jdk.internal.vm.compiler.management" {
jpayne@68 165 permission java.lang.RuntimePermission "accessClassInPackage.jdk.internal.vm.compiler.collections";
jpayne@68 166 permission java.lang.RuntimePermission "accessClassInPackage.jdk.vm.ci.runtime";
jpayne@68 167 permission java.lang.RuntimePermission "accessClassInPackage.org.graalvm.compiler.core.common";
jpayne@68 168 permission java.lang.RuntimePermission "accessClassInPackage.org.graalvm.compiler.debug";
jpayne@68 169 permission java.lang.RuntimePermission "accessClassInPackage.org.graalvm.compiler.hotspot";
jpayne@68 170 permission java.lang.RuntimePermission "accessClassInPackage.org.graalvm.compiler.options";
jpayne@68 171 permission java.lang.RuntimePermission "accessClassInPackage.org.graalvm.compiler.phases.common.jmx";
jpayne@68 172 permission java.lang.RuntimePermission "accessClassInPackage.org.graalvm.compiler.serviceprovider";
jpayne@68 173 };
jpayne@68 174
jpayne@68 175 grant codeBase "jrt:/jdk.jsobject" {
jpayne@68 176 permission java.security.AllPermission;
jpayne@68 177 };
jpayne@68 178
jpayne@68 179 grant codeBase "jrt:/jdk.localedata" {
jpayne@68 180 permission java.lang.RuntimePermission "accessClassInPackage.sun.text.*";
jpayne@68 181 permission java.lang.RuntimePermission "accessClassInPackage.sun.util.*";
jpayne@68 182 };
jpayne@68 183
jpayne@68 184 grant codeBase "jrt:/jdk.naming.dns" {
jpayne@68 185 permission java.security.AllPermission;
jpayne@68 186 };
jpayne@68 187
jpayne@68 188 grant codeBase "jrt:/jdk.scripting.nashorn" {
jpayne@68 189 permission java.security.AllPermission;
jpayne@68 190 };
jpayne@68 191
jpayne@68 192 grant codeBase "jrt:/jdk.scripting.nashorn.shell" {
jpayne@68 193 permission java.security.AllPermission;
jpayne@68 194 };
jpayne@68 195
jpayne@68 196 grant codeBase "jrt:/jdk.security.auth" {
jpayne@68 197 permission java.security.AllPermission;
jpayne@68 198 };
jpayne@68 199
jpayne@68 200 grant codeBase "jrt:/jdk.security.jgss" {
jpayne@68 201 permission java.security.AllPermission;
jpayne@68 202 };
jpayne@68 203
jpayne@68 204 grant codeBase "jrt:/jdk.zipfs" {
jpayne@68 205 permission java.io.FilePermission "<<ALL FILES>>", "read,write,delete";
jpayne@68 206 permission java.lang.RuntimePermission "fileSystemProvider";
jpayne@68 207 permission java.lang.RuntimePermission "accessUserInformation";
jpayne@68 208 permission java.util.PropertyPermission "os.name", "read";
jpayne@68 209 };
jpayne@68 210
jpayne@68 211 // permissions needed by applications using java.desktop module
jpayne@68 212 grant {
jpayne@68 213 permission java.lang.RuntimePermission "accessClassInPackage.com.sun.beans";
jpayne@68 214 permission java.lang.RuntimePermission "accessClassInPackage.com.sun.beans.*";
jpayne@68 215 permission java.lang.RuntimePermission "accessClassInPackage.com.sun.java.swing.plaf.*";
jpayne@68 216 permission java.lang.RuntimePermission "accessClassInPackage.com.apple.*";
jpayne@68 217 };