annotate src/java.base/share/lib/security/default.policy @ 16745:77df00dbacfb

8174735: Update JAX-WS RI integration to latest version Reviewed-by: alanb, mchung, lancea Contributed-by: roman.grigoriadi@oracle.com
author aefimov
date Thu, 16 Feb 2017 13:17:55 +0300
parents 31fdce5df5cd
children a4d094e7dd1f
rev   line source
mullan@15247 1 //
mullan@15247 2 // Permissions required by modules stored in a run-time image and loaded
mullan@15247 3 // by the platform class loader.
mullan@15247 4 //
mullan@15247 5 // NOTE that this file is not intended to be modified. If additional
mullan@15247 6 // permissions need to be granted to the modules in this file, it is
mullan@15247 7 // recommended that they be configured in a separate policy file or
mullan@15247 8 // ${java.home}/conf/security/java.policy.
mullan@15247 9 //
mullan@15247 10
mullan@15247 11 grant codeBase "jrt:/java.activation" {
mullan@15247 12 permission java.security.AllPermission;
mullan@15247 13 };
mullan@15247 14
mullan@15247 15 grant codeBase "jrt:/java.compiler" {
mullan@15247 16 permission java.security.AllPermission;
mullan@15247 17 };
mullan@15247 18
mullan@15247 19 grant codeBase "jrt:/java.corba" {
mullan@15247 20 permission java.security.AllPermission;
mullan@15247 21 };
mullan@15247 22
michaelm@16272 23 grant codeBase "jrt:/jdk.incubator.httpclient" {
michaelm@16272 24 };
michaelm@16272 25
mullan@15247 26 grant codeBase "jrt:/java.scripting" {
mullan@15247 27 permission java.security.AllPermission;
mullan@15247 28 };
mullan@15247 29
weijun@15248 30 grant codeBase "jrt:/java.security.jgss" {
weijun@15248 31 permission java.security.AllPermission;
weijun@15248 32 };
weijun@15248 33
mullan@15247 34 grant codeBase "jrt:/java.smartcardio" {
mullan@15247 35 permission javax.smartcardio.CardPermission "*", "*";
mullan@15247 36 permission java.lang.RuntimePermission "loadLibrary.j2pcsc";
mullan@15247 37 permission java.lang.RuntimePermission
mullan@15972 38 "accessClassInPackage.sun.security.jca";
mullan@15972 39 permission java.lang.RuntimePermission
mullan@15972 40 "accessClassInPackage.sun.security.util";
mullan@15972 41 permission java.util.PropertyPermission
mullan@15972 42 "javax.smartcardio.TerminalFactory.DefaultType", "read";
mullan@15972 43 permission java.util.PropertyPermission "os.name", "read";
mullan@15972 44 permission java.util.PropertyPermission "os.arch", "read";
mullan@15972 45 permission java.util.PropertyPermission "sun.arch.data.model", "read";
mullan@15972 46 permission java.util.PropertyPermission
mullan@15972 47 "sun.security.smartcardio.library", "read";
mullan@15972 48 permission java.util.PropertyPermission
mullan@15972 49 "sun.security.smartcardio.t0GetResponse", "read";
mullan@15972 50 permission java.util.PropertyPermission
mullan@15972 51 "sun.security.smartcardio.t1GetResponse", "read";
mullan@15972 52 permission java.util.PropertyPermission
mullan@15972 53 "sun.security.smartcardio.t1StripLe", "read";
mullan@15247 54 // needed for looking up native PC/SC library
mullan@15247 55 permission java.io.FilePermission "<<ALL FILES>>","read";
mullan@15247 56 permission java.security.SecurityPermission "putProviderProperty.SunPCSC";
mullan@15247 57 permission java.security.SecurityPermission
mullan@15247 58 "clearProviderProperties.SunPCSC";
mullan@15247 59 permission java.security.SecurityPermission
mullan@15247 60 "removeProviderProperty.SunPCSC";
mullan@15247 61 };
mullan@15247 62
mullan@15247 63 grant codeBase "jrt:/java.sql" {
mullan@15247 64 permission java.security.AllPermission;
mullan@15247 65 };
mullan@15247 66
mullan@15247 67 grant codeBase "jrt:/java.sql.rowset" {
mullan@15247 68 permission java.security.AllPermission;
mullan@15247 69 };
mullan@15247 70
mullan@15247 71 grant codeBase "jrt:/java.xml.bind" {
mullan@15247 72 permission java.lang.RuntimePermission
aefimov@16745 73 "accessClassInPackage.sun.misc";
aefimov@16745 74 permission java.lang.RuntimePermission
mullan@15247 75 "accessClassInPackage.com.sun.xml.internal.*";
mullan@15247 76 permission java.lang.RuntimePermission
mullan@15247 77 "accessClassInPackage.com.sun.istack.internal";
mullan@15247 78 permission java.lang.RuntimePermission
mullan@15247 79 "accessClassInPackage.com.sun.istack.internal.*";
mullan@15247 80 permission java.lang.RuntimePermission "accessDeclaredMembers";
mullan@15247 81 permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
mullan@15247 82 permission java.util.PropertyPermission "*", "read";
mullan@15247 83 };
mullan@15247 84
mullan@15247 85 grant codeBase "jrt:/java.xml.crypto" {
mullan@16514 86 permission java.lang.RuntimePermission
mullan@16514 87 "accessClassInPackage.sun.security.util";
mullan@15247 88 permission java.util.PropertyPermission "*", "read";
mullan@15247 89 permission java.security.SecurityPermission "putProviderProperty.XMLDSig";
mullan@15247 90 permission java.security.SecurityPermission
mullan@15247 91 "clearProviderProperties.XMLDSig";
mullan@15247 92 permission java.security.SecurityPermission
mullan@15247 93 "removeProviderProperty.XMLDSig";
mullan@15247 94 permission java.security.SecurityPermission
mullan@15247 95 "com.sun.org.apache.xml.internal.security.register";
mullan@15487 96 permission java.security.SecurityPermission
mullan@15487 97 "getProperty.jdk.xml.dsig.secureValidationPolicy";
mullan@16529 98 permission java.lang.RuntimePermission
mullan@16529 99 "accessClassInPackage.com.sun.org.apache.xml.internal.*";
mullan@16529 100 permission java.lang.RuntimePermission
mullan@16529 101 "accessClassInPackage.com.sun.org.apache.xpath.internal";
mullan@16529 102 permission java.lang.RuntimePermission
mullan@16529 103 "accessClassInPackage.com.sun.org.apache.xpath.internal.*";
mullan@15247 104 };
mullan@15247 105
mullan@15247 106 grant codeBase "jrt:/java.xml.ws" {
lancea@16657 107 permission java.net.NetPermission
lancea@16657 108 "getProxySelector";
mullan@15247 109 permission java.lang.RuntimePermission
aefimov@16745 110 "accessClassInPackage.sun.misc";
mullan@16529 111 permission java.lang.RuntimePermission
mullan@15247 112 "accessClassInPackage.com.sun.xml.internal.*";
mullan@15247 113 permission java.lang.RuntimePermission
mullan@15247 114 "accessClassInPackage.com.sun.istack.internal";
mullan@15247 115 permission java.lang.RuntimePermission
mullan@15247 116 "accessClassInPackage.com.sun.istack.internal.*";
mullan@15247 117 permission java.lang.RuntimePermission "accessDeclaredMembers";
mullan@15247 118 permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
mullan@15247 119 permission java.util.PropertyPermission "*", "read";
mullan@15247 120 };
mullan@15247 121
mullan@15247 122 grant codeBase "jrt:/jdk.charsets" {
mullan@15247 123 permission java.util.PropertyPermission "os.name", "read";
mullan@15247 124 permission java.util.PropertyPermission "sun.nio.cs.map", "read";
mullan@15247 125 permission java.lang.RuntimePermission "charsetProvider";
mullan@15247 126 permission java.lang.RuntimePermission
mullan@15247 127 "accessClassInPackage.jdk.internal.misc";
mullan@15247 128 permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.cs";
mullan@15247 129 };
mullan@15247 130
mullan@15247 131 grant codeBase "jrt:/jdk.crypto.ec" {
mullan@15247 132 permission java.lang.RuntimePermission
mullan@15247 133 "accessClassInPackage.sun.security.*";
mullan@15247 134 permission java.lang.RuntimePermission "loadLibrary.sunec";
mullan@15247 135 permission java.security.SecurityPermission "putProviderProperty.SunEC";
mullan@15247 136 permission java.security.SecurityPermission "clearProviderProperties.SunEC";
mullan@15247 137 permission java.security.SecurityPermission "removeProviderProperty.SunEC";
mullan@15247 138 };
mullan@15247 139
ascarpino@16560 140 grant codeBase "jrt:/jdk.crypto.cryptoki" {
mullan@15247 141 permission java.lang.RuntimePermission
mullan@15247 142 "accessClassInPackage.sun.security.*";
mullan@15247 143 permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.ch";
mullan@15247 144 permission java.lang.RuntimePermission "loadLibrary.j2pkcs11";
mullan@15933 145 permission java.util.PropertyPermission "sun.security.pkcs11.allowSingleThreadedModules", "read";
mullan@15933 146 permission java.util.PropertyPermission "os.name", "read";
mullan@15933 147 permission java.util.PropertyPermission "os.arch", "read";
mullan@15247 148 permission java.security.SecurityPermission "putProviderProperty.*";
mullan@15247 149 permission java.security.SecurityPermission "clearProviderProperties.*";
mullan@15247 150 permission java.security.SecurityPermission "removeProviderProperty.*";
mullan@15247 151 permission java.security.SecurityPermission
mullan@15247 152 "getProperty.auth.login.defaultCallbackHandler";
mullan@15247 153 permission java.security.SecurityPermission "authProvider.*";
mullan@15247 154 // Needed for reading PKCS11 config file and NSS library check
mullan@15247 155 permission java.io.FilePermission "<<ALL FILES>>", "read";
mullan@15247 156 };
mullan@15247 157
mullan@15247 158 grant codeBase "jrt:/jdk.dynalink" {
mullan@15247 159 permission java.security.AllPermission;
mullan@15247 160 };
mullan@15247 161
mullan@15247 162 grant codeBase "jrt:/jdk.internal.le" {
mullan@15247 163 permission java.security.AllPermission;
mullan@15247 164 };
mullan@15247 165
mullan@15247 166 grant codeBase "jrt:/jdk.jsobject" {
mullan@15247 167 permission java.security.AllPermission;
mullan@15247 168 };
mullan@15247 169
mullan@15247 170 grant codeBase "jrt:/jdk.localedata" {
mullan@15247 171 permission java.lang.RuntimePermission "accessClassInPackage.sun.text.*";
mullan@15247 172 permission java.lang.RuntimePermission "accessClassInPackage.sun.util.*";
mullan@15247 173 };
mullan@15247 174
mullan@15247 175 grant codeBase "jrt:/jdk.naming.dns" {
mullan@15247 176 permission java.security.AllPermission;
mullan@15247 177 };
mullan@15247 178
mullan@15247 179 grant codeBase "jrt:/jdk.scripting.nashorn" {
mullan@15247 180 permission java.security.AllPermission;
mullan@15247 181 };
mullan@15247 182
mullan@15247 183 grant codeBase "jrt:/jdk.scripting.nashorn.shell" {
mullan@15247 184 permission java.security.AllPermission;
mullan@15247 185 };
mullan@15247 186
weijun@15248 187 grant codeBase "jrt:/jdk.security.auth" {
weijun@15248 188 permission java.security.AllPermission;
weijun@15248 189 };
weijun@15248 190
weijun@15248 191 grant codeBase "jrt:/jdk.security.jgss" {
weijun@15248 192 permission java.security.AllPermission;
weijun@15248 193 };
weijun@15248 194
mullan@15247 195 grant codeBase "jrt:/jdk.zipfs" {
mullan@15247 196 permission java.io.FilePermission "<<ALL FILES>>", "read,write,delete";
mullan@15247 197 permission java.lang.RuntimePermission "fileSystemProvider";
sherman@16051 198 permission java.util.PropertyPermission "os.name", "read";
mullan@15247 199 };
mullan@15247 200
mullan@16529 201 grant codeBase "jrt:/jdk.accessibility" {
mullan@16529 202 permission java.lang.RuntimePermission "accessClassInPackage.sun.awt";
mullan@16529 203 };
mullan@16529 204
mullan@16529 205 grant codeBase "jrt:/jdk.desktop" {
mullan@16529 206 permission java.lang.RuntimePermission "accessClassInPackage.com.sun.awt";
mullan@16529 207 };
mullan@16553 208
mullan@16553 209 // permissions needed by applications using java.desktop module
mullan@16553 210 grant {
mullan@16553 211 permission java.lang.RuntimePermission "accessClassInPackage.com.sun.beans";
mullan@16553 212 permission java.lang.RuntimePermission "accessClassInPackage.com.sun.beans.*";
mullan@16553 213 permission java.lang.RuntimePermission "accessClassInPackage.com.sun.java.swing.plaf.*";
mullan@16553 214 permission java.lang.RuntimePermission "accessClassInPackage.com.apple.*";
mullan@16553 215 };
dnsimon@16688 216
dnsimon@16688 217 grant codeBase "jrt:/jdk.vm.compiler" {
dnsimon@16688 218 permission java.security.AllPermission;
dnsimon@16688 219 };