Mercurial > repos > rliterman > csp2

comparison CSP2/CSP2_env/env-d9b9114564458d9d-741b3de822f2aaca6c6caa4325c4afce/lib/security/default.policy @ 69:33d812a61356

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
planemo upload commit 2e9511a184a1ca667c7be0c6321a36dc4e3d116d
author jpayne
date Tue, 18 Mar 2025 17:55:14 -0400
parents
children
comparison
equal deleted inserted replaced
67:0e9998148a16 69:33d812a61356
1 //
2 // Permissions required by modules stored in a run-time image and loaded
3 // by the platform class loader.
4 //
5 // NOTE that this file is not intended to be modified. If additional
6 // permissions need to be granted to the modules in this file, it is
7 // recommended that they be configured in a separate policy file or
8 // ${java.home}/conf/security/java.policy.
9 //
10
11
12 grant codeBase "jrt:/java.compiler" {
13 permission java.security.AllPermission;
14 };
15
16
17 grant codeBase "jrt:/java.net.http" {
18 permission java.lang.RuntimePermission "accessClassInPackage.sun.net";
19 permission java.lang.RuntimePermission "accessClassInPackage.sun.net.util";
20 permission java.lang.RuntimePermission "accessClassInPackage.sun.net.www";
21 permission java.lang.RuntimePermission "accessClassInPackage.jdk.internal.misc";
22 permission java.net.SocketPermission "*","connect,resolve";
23 permission java.net.URLPermission "http:*","*:*";
24 permission java.net.URLPermission "https:*","*:*";
25 permission java.net.URLPermission "ws:*","*:*";
26 permission java.net.URLPermission "wss:*","*:*";
27 permission java.net.URLPermission "socket:*","CONNECT"; // proxy
28 // For request/response body processors, fromFile, asFile
29 permission java.io.FilePermission "<<ALL FILES>>","read,write,delete";
30 permission java.util.PropertyPermission "*","read";
31 permission java.net.NetPermission "getProxySelector";
32 };
33
34 grant codeBase "jrt:/java.scripting" {
35 permission java.security.AllPermission;
36 };
37
38 grant codeBase "jrt:/java.security.jgss" {
39 permission java.security.AllPermission;
40 };
41
42 grant codeBase "jrt:/java.smartcardio" {
43 permission javax.smartcardio.CardPermission "*", "*";
44 permission java.lang.RuntimePermission "loadLibrary.j2pcsc";
45 permission java.lang.RuntimePermission
46 "accessClassInPackage.sun.security.jca";
47 permission java.lang.RuntimePermission
48 "accessClassInPackage.sun.security.util";
49 permission java.util.PropertyPermission
50 "javax.smartcardio.TerminalFactory.DefaultType", "read";
51 permission java.util.PropertyPermission "os.name", "read";
52 permission java.util.PropertyPermission "os.arch", "read";
53 permission java.util.PropertyPermission "sun.arch.data.model", "read";
54 permission java.util.PropertyPermission
55 "sun.security.smartcardio.library", "read";
56 permission java.util.PropertyPermission
57 "sun.security.smartcardio.t0GetResponse", "read";
58 permission java.util.PropertyPermission
59 "sun.security.smartcardio.t1GetResponse", "read";
60 permission java.util.PropertyPermission
61 "sun.security.smartcardio.t1StripLe", "read";
62 // needed for looking up native PC/SC library
63 permission java.io.FilePermission "<<ALL FILES>>","read";
64 permission java.security.SecurityPermission "putProviderProperty.SunPCSC";
65 permission java.security.SecurityPermission
66 "clearProviderProperties.SunPCSC";
67 permission java.security.SecurityPermission
68 "removeProviderProperty.SunPCSC";
69 };
70
71 grant codeBase "jrt:/java.sql" {
72 permission java.security.AllPermission;
73 };
74
75 grant codeBase "jrt:/java.sql.rowset" {
76 permission java.security.AllPermission;
77 };
78
79
80 grant codeBase "jrt:/java.xml.crypto" {
81 permission java.lang.RuntimePermission
82 "accessClassInPackage.sun.security.util";
83 permission java.util.PropertyPermission "*", "read";
84 permission java.security.SecurityPermission "putProviderProperty.XMLDSig";
85 permission java.security.SecurityPermission
86 "clearProviderProperties.XMLDSig";
87 permission java.security.SecurityPermission
88 "removeProviderProperty.XMLDSig";
89 permission java.security.SecurityPermission
90 "com.sun.org.apache.xml.internal.security.register";
91 permission java.security.SecurityPermission
92 "getProperty.jdk.xml.dsig.secureValidationPolicy";
93 permission java.lang.RuntimePermission
94 "accessClassInPackage.com.sun.org.apache.xml.internal.*";
95 permission java.lang.RuntimePermission
96 "accessClassInPackage.com.sun.org.apache.xpath.internal";
97 permission java.lang.RuntimePermission
98 "accessClassInPackage.com.sun.org.apache.xpath.internal.*";
99 };
100
101
102 grant codeBase "jrt:/jdk.accessibility" {
103 permission java.lang.RuntimePermission "accessClassInPackage.sun.awt";
104 };
105
106 grant codeBase "jrt:/jdk.charsets" {
107 permission java.util.PropertyPermission "os.name", "read";
108 permission java.util.PropertyPermission "sun.nio.cs.map", "read";
109 permission java.lang.RuntimePermission "charsetProvider";
110 permission java.lang.RuntimePermission
111 "accessClassInPackage.jdk.internal.misc";
112 permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.cs";
113 };
114
115 grant codeBase "jrt:/jdk.crypto.ec" {
116 permission java.lang.RuntimePermission
117 "accessClassInPackage.sun.security.*";
118 permission java.lang.RuntimePermission "loadLibrary.sunec";
119 permission java.security.SecurityPermission "putProviderProperty.SunEC";
120 permission java.security.SecurityPermission "clearProviderProperties.SunEC";
121 permission java.security.SecurityPermission "removeProviderProperty.SunEC";
122 };
123
124 grant codeBase "jrt:/jdk.crypto.cryptoki" {
125 permission java.lang.RuntimePermission
126 "accessClassInPackage.sun.security.*";
127 permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.ch";
128 permission java.lang.RuntimePermission "loadLibrary.j2pkcs11";
129 permission java.util.PropertyPermission "sun.security.pkcs11.allowSingleThreadedModules", "read";
130 permission java.util.PropertyPermission "sun.security.pkcs11.disableKeyExtraction", "read";
131 permission java.util.PropertyPermission "os.name", "read";
132 permission java.util.PropertyPermission "os.arch", "read";
133 permission java.util.PropertyPermission "jdk.crypto.KeyAgreement.legacyKDF", "read";
134 permission java.security.SecurityPermission "putProviderProperty.*";
135 permission java.security.SecurityPermission "clearProviderProperties.*";
136 permission java.security.SecurityPermission "removeProviderProperty.*";
137 permission java.security.SecurityPermission
138 "getProperty.auth.login.defaultCallbackHandler";
139 permission java.security.SecurityPermission "authProvider.*";
140 // Needed for reading PKCS11 config file and NSS library check
141 permission java.io.FilePermission "<<ALL FILES>>", "read";
142 };
143
144 grant codeBase "jrt:/jdk.desktop" {
145 permission java.lang.RuntimePermission "accessClassInPackage.com.sun.awt";
146 };
147
148 grant codeBase "jrt:/jdk.dynalink" {
149 permission java.security.AllPermission;
150 };
151
152 grant codeBase "jrt:/jdk.httpserver" {
153 permission java.security.AllPermission;
154 };
155
156 grant codeBase "jrt:/jdk.internal.le" {
157 permission java.security.AllPermission;
158 };
159
160 grant codeBase "jrt:/jdk.internal.vm.compiler" {
161 permission java.security.AllPermission;
162 };
163
164 grant codeBase "jrt:/jdk.internal.vm.compiler.management" {
165 permission java.lang.RuntimePermission "accessClassInPackage.jdk.internal.vm.compiler.collections";
166 permission java.lang.RuntimePermission "accessClassInPackage.jdk.vm.ci.runtime";
167 permission java.lang.RuntimePermission "accessClassInPackage.org.graalvm.compiler.core.common";
168 permission java.lang.RuntimePermission "accessClassInPackage.org.graalvm.compiler.debug";
169 permission java.lang.RuntimePermission "accessClassInPackage.org.graalvm.compiler.hotspot";
170 permission java.lang.RuntimePermission "accessClassInPackage.org.graalvm.compiler.options";
171 permission java.lang.RuntimePermission "accessClassInPackage.org.graalvm.compiler.phases.common.jmx";
172 permission java.lang.RuntimePermission "accessClassInPackage.org.graalvm.compiler.serviceprovider";
173 };
174
175 grant codeBase "jrt:/jdk.jsobject" {
176 permission java.security.AllPermission;
177 };
178
179 grant codeBase "jrt:/jdk.localedata" {
180 permission java.lang.RuntimePermission "accessClassInPackage.sun.text.*";
181 permission java.lang.RuntimePermission "accessClassInPackage.sun.util.*";
182 };
183
184 grant codeBase "jrt:/jdk.naming.dns" {
185 permission java.security.AllPermission;
186 };
187
188 grant codeBase "jrt:/jdk.scripting.nashorn" {
189 permission java.security.AllPermission;
190 };
191
192 grant codeBase "jrt:/jdk.scripting.nashorn.shell" {
193 permission java.security.AllPermission;
194 };
195
196 grant codeBase "jrt:/jdk.security.auth" {
197 permission java.security.AllPermission;
198 };
199
200 grant codeBase "jrt:/jdk.security.jgss" {
201 permission java.security.AllPermission;
202 };
203
204 grant codeBase "jrt:/jdk.zipfs" {
205 permission java.io.FilePermission "<<ALL FILES>>", "read,write,delete";
206 permission java.lang.RuntimePermission "fileSystemProvider";
207 permission java.lang.RuntimePermission "accessUserInformation";
208 permission java.util.PropertyPermission "os.name", "read";
209 };
210
211 // permissions needed by applications using java.desktop module
212 grant {
213 permission java.lang.RuntimePermission "accessClassInPackage.com.sun.beans";
214 permission java.lang.RuntimePermission "accessClassInPackage.com.sun.beans.*";
215 permission java.lang.RuntimePermission "accessClassInPackage.com.sun.java.swing.plaf.*";
216 permission java.lang.RuntimePermission "accessClassInPackage.com.apple.*";
217 };