/
java.policy
80 lines (58 loc) · 2.88 KB
/
java.policy
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
// Standard extensions get all permissions by default
grant codeBase "file:${java.home}/lib/ext/-" {
permission java.security.AllPermission;
};
grant codeBase "file:${java.home}/../lib/tools.jar" {
permission java.security.AllPermission;
};
//Application Client Container requirement by SUN's RI
grant codeBase "file:${com.sun.enterprise.home}/lib/classes/" {
permission java.security.AllPermission;
};
grant codeBase "file:${jms.home}/classes/" {
permission java.security.AllPermission;
};
// Drivers and other system classes should be stored in this
// code base.
grant codeBase "file:${com.sun.enterprise.home}/lib/system/-" {
permission java.security.AllPermission;
};
grant codeBase "file:${com.sun.enterprise.home}/lib/jakartaee.jar" {
permission java.security.AllPermission;
};
// default permissions granted to all domains
grant {
// Jakarta EE security permission set from Jakarta EE platform specification Table 6-2
permission java.lang.RuntimePermission "loadLibrary.*";
permission java.lang.RuntimePermission "accessClassInPackage.*";
permission java.lang.RuntimePermission "exitVM";
permission java.lang.RuntimePermission "queuePrintJob";
permission java.awt.AWTPermission "accessClipboard";
permission java.awt.AWTPermission "accessEventQueue";
permission java.awt.AWTPermission "showWindowWithoutWarningBanner";
permission java.io.FilePermission "<<ALL FILES>>", "read,write";
permission java.net.SocketPermission "*", "connect,accept,resolve";
permission java.net.SocketPermission "localhost:1024-", "accept,listen";
// "standard" properies that can be read by anyone
permission java.util.PropertyPermission "*", "read";
//Required by JAXP tests
//jaxp/extension/com/saxhelpers/ParserFactoryTest.java#negative*
permission java.util.PropertyPermission "org.xml.sax.parser", "write";
// Required by TS harness and tests to write and delete files
permission java.io.FilePermission "${cts.tmp}${file.separator}-", "delete";
permission java.io.FilePermission "${user.home}${file.separator}tmp${file.separator}-", "delete";
//Required by SUN RI
permission java.lang.RuntimePermission "modifyThreadGroup";
// setting the JSSE provider for lazy authentication of app. clients.
// Please do not change it.
permission java.security.SecurityPermission "putProviderProperty.SunJSSE";
permission java.security.SecurityPermission "insertProvider.SunJSSE";
// TS harness requirement
permission java.lang.RuntimePermission "setFactory";
// For executing tests in SameJVM mode:
permission java.net.SocketPermission "localhost", "connect, resolve";
//Needed by TS Signature tests
permission java.lang.RuntimePermission "accessDeclaredMembers";
permission java.lang.RuntimePermission "createClassLoader";
permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
};