changeset 10829:3150fbd1dbde

Update java.policy and test policy with module URL
author wetmore
date Wed, 15 Oct 2014 16:49:43 -0700
parents 24b6436df632
children 760144f2f84b
files src/java.base/share/conf/security/java.policy src/java.base/windows/conf/security/java.policy test/java/net/URLPermission/policy.1 test/java/net/URLPermission/policy.2 test/java/net/URLPermission/policy.3 test/java/security/KeyRep/Serial.policy test/java/security/KeyRep/SerialOld.policy test/java/security/Security/removing/RemoveStaticProvider.policy test/sun/security/pkcs11/KeyStore/Basic.policy test/sun/security/pkcs11/Provider/Login.policy
diffstat 10 files changed, 24 insertions(+), 132 deletions(-) [+]
line wrap: on
line diff
--- a/src/java.base/share/conf/security/java.policy	Wed Oct 15 19:28:59 2014 +0100
+++ b/src/java.base/share/conf/security/java.policy	Wed Oct 15 16:49:43 2014 -0700
@@ -1,59 +1,24 @@
 // permissions required by each component
-grant codeBase "file:${java.home}/lib/ext/zipfs.jar" {
-        permission java.io.FilePermission "<<ALL FILES>>", "read,write,delete";
-        permission java.lang.RuntimePermission "fileSystemProvider";
-        permission java.util.PropertyPermission "*", "read";
-};
-
 grant codeBase "module:jdk.zipfs" {
         permission java.io.FilePermission "<<ALL FILES>>", "read,write,delete";
         permission java.lang.RuntimePermission "fileSystemProvider";
         permission java.util.PropertyPermission "*", "read";
 };
 
-grant codeBase "file:${java.home}/lib/ext/cldrdata.jar" {
-        permission java.lang.RuntimePermission "accessClassInPackage.sun.text.*";
-        permission java.lang.RuntimePermission "accessClassInPackage.sun.util.*";
-        permission java.util.PropertyPermission "*", "read";
-};
-
-grant codeBase "file:${java.home}/lib/ext/localedata.jar" {
-        permission java.lang.RuntimePermission "accessClassInPackage.sun.text.*";
-        permission java.lang.RuntimePermission "accessClassInPackage.sun.util.*";
-        permission java.util.PropertyPermission "*", "read";
-};
-
 grant codeBase "module:jdk.localedata" {
         permission java.lang.RuntimePermission "accessClassInPackage.sun.text.*";
         permission java.lang.RuntimePermission "accessClassInPackage.sun.util.*";
         permission java.util.PropertyPermission "*", "read";
 };
 
-grant codeBase "file:${java.home}/lib/ext/dnsns.jar" {
-        permission java.security.AllPermission;
-};
-
 grant codeBase "module:jdk.naming.dns" {
         permission java.security.AllPermission;
 };
 
-grant codeBase "file:${java.home}/lib/ext/nashorn.jar" {
-        permission java.security.AllPermission;
-};
-
 grant codeBase "module:jdk.scripting.nashorn" {
         permission java.security.AllPermission;
 };
 
-grant codeBase "file:${java.home}/lib/ext/sunec.jar" {
-        permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*";
-        permission java.lang.RuntimePermission "loadLibrary.sunec";
-        permission java.util.PropertyPermission "*", "read";
-        permission java.security.SecurityPermission "putProviderProperty.SunEC";
-        permission java.security.SecurityPermission "clearProviderProperties.SunEC";
-        permission java.security.SecurityPermission "removeProviderProperty.SunEC";
-};
-
 grant codeBase "module:jdk.crypto.ec" {
         permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*";
         permission java.lang.RuntimePermission "loadLibrary.sunec";
@@ -63,30 +28,6 @@
         permission java.security.SecurityPermission "removeProviderProperty.SunEC";
 };
 
-grant codeBase "file:${java.home}/lib/ext/sunjce_provider.jar" {
-        permission java.lang.RuntimePermission "accessClassInPackage.sun.misc";
-        permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*";
-        permission java.util.PropertyPermission "*", "read";
-        permission java.security.SecurityPermission "putProviderProperty.SunJCE";
-        permission java.security.SecurityPermission "clearProviderProperties.SunJCE";
-        permission java.security.SecurityPermission "removeProviderProperty.SunJCE";
-};
-
-grant codeBase "file:${java.home}/lib/ext/sunpkcs11.jar" {
-        permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*";
-        permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.ch";
-        permission java.lang.RuntimePermission "loadLibrary.j2pkcs11";
-        // needs "security.pkcs11.allowSingleThreadedModules"
-        permission java.util.PropertyPermission "*", "read";
-        permission java.security.SecurityPermission "putProviderProperty.*";
-        permission java.security.SecurityPermission "clearProviderProperties.*";
-        permission java.security.SecurityPermission "removeProviderProperty.*";
-        permission java.security.SecurityPermission "getProperty.auth.login.defaultCallbackHandler";
-        permission java.security.SecurityPermission "authProvider.*";
-        // Needed for reading PKCS11 config file and NSS library check
-        permission java.io.FilePermission "<<ALL FILES>>", "read";
-};
-
 grant codeBase "module:jdk.crypto.pkcs11" {
         permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*";
         permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.ch";
--- a/src/java.base/windows/conf/security/java.policy	Wed Oct 15 19:28:59 2014 +0100
+++ b/src/java.base/windows/conf/security/java.policy	Wed Oct 15 16:49:43 2014 -0700
@@ -1,12 +1,3 @@
-grant codeBase "file:${java.home}/lib/ext/sunmscapi.jar" {
-        Permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*";
-        permission java.lang.RuntimePermission "loadLibrary.sunmscapi";
-        permission java.util.PropertyPermission "*", "read";
-        permission java.security.SecurityPermission "putProviderProperty.SunMSCAPI";
-        permission java.security.SecurityPermission "clearProviderProperties.SunMSCAPI";
-        permission java.security.SecurityPermission "removeProviderProperty.SunMSCAPI";
-};
-
 grant codeBase "module:jdk.crypto.mscapi" {
         permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*";
         permission java.lang.RuntimePermission "loadLibrary.sunmscapi";
--- a/test/java/net/URLPermission/policy.1	Wed Oct 15 19:28:59 2014 +0100
+++ b/test/java/net/URLPermission/policy.1	Wed Oct 15 16:49:43 2014 -0700
@@ -1,5 +1,5 @@
 //
-// Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
+// Copyright (c) 2013, 2014, Oracle and/or its affiliates. All rights reserved.
 // DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 //
 // This code is free software; you can redistribute it and/or modify it
@@ -38,7 +38,7 @@
 };
 
 // Normal permissions that aren't granted when run under jtreg
-grant codeBase "file:${java.home}/lib/ext/ucrypto.jar" {
+grant codeBase "module:jdk.crypto.ucrypto" {
         permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*";
         permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.ch";
         permission java.lang.RuntimePermission "loadLibrary.j2ucrypto";
@@ -49,7 +49,7 @@
         permission java.io.FilePermission "${java.home}/lib/security/ucrypto-solaris.cfg", "read";
 };
 
-grant codeBase "file:${java.home}/lib/ext/sunec.jar" {
+grant codeBase "module:jdk.crypto.ec" {
         permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*";
         permission java.lang.RuntimePermission "loadLibrary.sunec";
         permission java.util.PropertyPermission "*", "read";
@@ -58,7 +58,7 @@
         permission java.security.SecurityPermission "removeProviderProperty.SunEC";
 };
 
-grant codeBase "file:${java.home}/lib/ext/sunjce_provider.jar" {
+grant codeBase "module:java.base" {
         permission java.lang.RuntimePermission "accessClassInPackage.sun.misc";
         permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*";
         permission java.util.PropertyPermission "*", "read";
@@ -67,7 +67,7 @@
         permission java.security.SecurityPermission "removeProviderProperty.SunJCE";
 };
 
-grant codeBase "file:${java.home}/lib/ext/sunpkcs11.jar" {
+grant codeBase "module:jdk.crypto.pkcs11" {
         permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*";
         permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.ch";
         permission java.lang.RuntimePermission "loadLibrary.j2pkcs11";
@@ -81,7 +81,7 @@
         permission java.io.FilePermission "<<ALL FILES>>", "read";
 };
 
-grant codeBase "file:${java.home}/lib/ext/sunmscapi.jar" {
+grant codeBase "module:jdk.crypto.mscapi" {
         Permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*";
         permission java.lang.RuntimePermission "loadLibrary.sunmscapi";
         permission java.util.PropertyPermission "*", "read";
@@ -90,7 +90,3 @@
         permission java.security.SecurityPermission "removeProviderProperty.SunMSCAPI";
 };
 
-grant codeBase "file:${{java.home}}/jre/lib/rt.jar" {
-        permission java.security.AllPermission;
-};
-
--- a/test/java/net/URLPermission/policy.2	Wed Oct 15 19:28:59 2014 +0100
+++ b/test/java/net/URLPermission/policy.2	Wed Oct 15 16:49:43 2014 -0700
@@ -1,5 +1,5 @@
 //
-// Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
+// Copyright (c) 2013, 2014, Oracle and/or its affiliates. All rights reserved.
 // DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 //
 // This code is free software; you can redistribute it and/or modify it
@@ -38,7 +38,7 @@
 };
 
 // Normal permissions that aren't granted when run under jtreg
-grant codeBase "file:${java.home}/lib/ext/ucrypto.jar" {
+grant codeBase "module:jdk.crypto.ucrypto" {
         permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*";
         permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.ch";
         permission java.lang.RuntimePermission "loadLibrary.j2ucrypto";
@@ -49,7 +49,7 @@
         permission java.io.FilePermission "${java.home}/lib/security/ucrypto-solaris.cfg", "read";
 };
 
-grant codeBase "file:${java.home}/lib/ext/sunec.jar" {
+grant codeBase "module:jdk.crypto.ec" {
         permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*";
         permission java.lang.RuntimePermission "loadLibrary.sunec";
         permission java.util.PropertyPermission "*", "read";
@@ -58,7 +58,7 @@
         permission java.security.SecurityPermission "removeProviderProperty.SunEC";
 };
 
-grant codeBase "file:${java.home}/lib/ext/sunjce_provider.jar" {
+grant codeBase "module:java.base" {
         permission java.lang.RuntimePermission "accessClassInPackage.sun.misc";
         permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*";
         permission java.util.PropertyPermission "*", "read";
@@ -67,7 +67,7 @@
         permission java.security.SecurityPermission "removeProviderProperty.SunJCE";
 };
 
-grant codeBase "file:${java.home}/lib/ext/sunpkcs11.jar" {
+grant codeBase "module:jdk.crypto.pkcs11" {
         permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*";
         permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.ch";
         permission java.lang.RuntimePermission "loadLibrary.j2pkcs11";
@@ -81,7 +81,7 @@
         permission java.io.FilePermission "<<ALL FILES>>", "read";
 };
 
-grant codeBase "file:${java.home}/lib/ext/sunmscapi.jar" {
+grant codeBase "module:jdk.crypto.mscapi" {
         Permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*";
         permission java.lang.RuntimePermission "loadLibrary.sunmscapi";
         permission java.util.PropertyPermission "*", "read";
@@ -90,7 +90,3 @@
         permission java.security.SecurityPermission "removeProviderProperty.SunMSCAPI";
 };
 
-grant codeBase "file:///export/repos/jdk8/build/linux-x86_64-normal-server-fastdebug/images/j2sdk-image/jre/lib/rt.jar" {
-        permission java.security.AllPermission;
-};
-
--- a/test/java/net/URLPermission/policy.3	Wed Oct 15 19:28:59 2014 +0100
+++ b/test/java/net/URLPermission/policy.3	Wed Oct 15 16:49:43 2014 -0700
@@ -1,5 +1,5 @@
 //
-// Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
+// Copyright (c) 2013, 2014, Oracle and/or its affiliates. All rights reserved.
 // DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 //
 // This code is free software; you can redistribute it and/or modify it
@@ -38,7 +38,7 @@
 };
 
 // Normal permissions that aren't granted when run under jtreg
-grant codeBase "file:${java.home}/lib/ext/ucrypto.jar" {
+grant codeBase "module:jdk.crypto.ucrypto" {
         permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*";
         permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.ch";
         permission java.lang.RuntimePermission "loadLibrary.j2ucrypto";
@@ -49,7 +49,7 @@
         permission java.io.FilePermission "${java.home}/lib/security/ucrypto-solaris.cfg", "read";
 };
 
-grant codeBase "file:${java.home}/lib/ext/sunec.jar" {
+grant codeBase "module:jdk.crypto.ec" {
         permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*";
         permission java.lang.RuntimePermission "loadLibrary.sunec";
         permission java.util.PropertyPermission "*", "read";
@@ -58,7 +58,7 @@
         permission java.security.SecurityPermission "removeProviderProperty.SunEC";
 };
 
-grant codeBase "file:${java.home}/lib/ext/sunjce_provider.jar" {
+grant codeBase "module:java.base" {
         permission java.lang.RuntimePermission "accessClassInPackage.sun.misc";
         permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*";
         permission java.util.PropertyPermission "*", "read";
@@ -67,7 +67,7 @@
         permission java.security.SecurityPermission "removeProviderProperty.SunJCE";
 };
 
-grant codeBase "file:${java.home}/lib/ext/sunpkcs11.jar" {
+grant codeBase "module:jdk.crypto.pkcs11" {
         permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*";
         permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.ch";
         permission java.lang.RuntimePermission "loadLibrary.j2pkcs11";
@@ -81,7 +81,7 @@
         permission java.io.FilePermission "<<ALL FILES>>", "read";
 };
 
-grant codeBase "file:${java.home}/lib/ext/sunmscapi.jar" {
+grant codeBase "module:jdk.crypto.mscapi" {
         Permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*";
         permission java.lang.RuntimePermission "loadLibrary.sunmscapi";
         permission java.util.PropertyPermission "*", "read";
@@ -90,7 +90,3 @@
         permission java.security.SecurityPermission "removeProviderProperty.SunMSCAPI";
 };
 
-grant codeBase "file:${{java.home}}/jre/lib/rt.jar" {
-        permission java.security.AllPermission;
-};
-
--- a/test/java/security/KeyRep/Serial.policy	Wed Oct 15 19:28:59 2014 +0100
+++ b/test/java/security/KeyRep/Serial.policy	Wed Oct 15 16:49:43 2014 -0700
@@ -1,12 +1,3 @@
-grant codeBase "file:${java.home}/lib/ext/sunjce_provider.jar" {
-        permission java.lang.RuntimePermission "accessClassInPackage.sun.misc";
-        permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*";
-        permission java.util.PropertyPermission "*", "read";
-        permission java.security.SecurityPermission "putProviderProperty.SunJCE";
-        permission java.security.SecurityPermission "clearProviderProperties.SunJCE";
-        permission java.security.SecurityPermission "removeProviderProperty.SunJCE";
-};
-
 grant {
     // XXX note package access is *not* granted to the 'sun' package
 };
--- a/test/java/security/KeyRep/SerialOld.policy	Wed Oct 15 19:28:59 2014 +0100
+++ b/test/java/security/KeyRep/SerialOld.policy	Wed Oct 15 16:49:43 2014 -0700
@@ -1,4 +1,4 @@
-grant codeBase "file:${java.home}/lib/ext/ucrypto.jar" {
+grant codeBase "module:jdk.crypto.ucrypto" {
         permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*";
         permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.ch";
         permission java.lang.RuntimePermission "loadLibrary.j2ucrypto";
@@ -9,7 +9,7 @@
         permission java.io.FilePermission "${java.home}/lib/security/ucrypto-solaris.cfg", "read";
 };
 
-grant codeBase "file:${java.home}/lib/ext/sunec.jar" {
+grant codeBase "module:jdk.crypto.ec" {
         permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*";
         permission java.lang.RuntimePermission "loadLibrary.sunec";
         permission java.util.PropertyPermission "*", "read";
@@ -18,16 +18,7 @@
         permission java.security.SecurityPermission "removeProviderProperty.SunEC";
 };
 
-grant codeBase "file:${java.home}/lib/ext/sunjce_provider.jar" {
-        permission java.lang.RuntimePermission "accessClassInPackage.sun.misc";
-        permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*";
-        permission java.util.PropertyPermission "*", "read";
-        permission java.security.SecurityPermission "putProviderProperty.SunJCE";
-        permission java.security.SecurityPermission "clearProviderProperties.SunJCE";
-        permission java.security.SecurityPermission "removeProviderProperty.SunJCE";
-};
-
-grant codeBase "file:${java.home}/lib/ext/sunpkcs11.jar" {
+grant codeBase "module:jdk.crypto.pkcs11" {
         permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*";
         permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.ch";
         permission java.lang.RuntimePermission "loadLibrary.j2pkcs11";
@@ -41,7 +32,7 @@
         permission java.io.FilePermission "<<ALL FILES>>", "read";
 };
 
-grant codeBase "file:${java.home}/lib/ext/sunmscapi.jar" {
+grant codeBase "module:jdk.crypto.mscapi" {
         Permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*";
         permission java.lang.RuntimePermission "loadLibrary.sunmscapi";
         permission java.util.PropertyPermission "*", "read";
--- a/test/java/security/Security/removing/RemoveStaticProvider.policy	Wed Oct 15 19:28:59 2014 +0100
+++ b/test/java/security/Security/removing/RemoveStaticProvider.policy	Wed Oct 15 16:49:43 2014 -0700
@@ -1,13 +1,3 @@
-
-grant codeBase "file:${java.home}/lib/ext/sunjce_provider.jar" {
-        permission java.lang.RuntimePermission "accessClassInPackage.sun.misc";
-        permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*";
-        permission java.util.PropertyPermission "*", "read";
-        permission java.security.SecurityPermission "putProviderProperty.SunJCE";
-        permission java.security.SecurityPermission "clearProviderProperties.SunJCE";
-        permission java.security.SecurityPermission "removeProviderProperty.SunJCE";
-};
-
 grant {
     permission java.security.SecurityPermission "removeProvider.SunJCE";
     permission java.security.SecurityPermission "insertProvider.SunJCE";
--- a/test/sun/security/pkcs11/KeyStore/Basic.policy	Wed Oct 15 19:28:59 2014 +0100
+++ b/test/sun/security/pkcs11/KeyStore/Basic.policy	Wed Oct 15 16:49:43 2014 -0700
@@ -1,4 +1,4 @@
-grant codeBase "file:${java.home}/lib/ext/sunpkcs11.jar" {
+grant codeBase "module:jdk.crypto.pkcs11" {
         permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*";
         permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.ch";
         permission java.lang.RuntimePermission "loadLibrary.j2pkcs11";
--- a/test/sun/security/pkcs11/Provider/Login.policy	Wed Oct 15 19:28:59 2014 +0100
+++ b/test/sun/security/pkcs11/Provider/Login.policy	Wed Oct 15 16:49:43 2014 -0700
@@ -1,4 +1,4 @@
-grant codeBase "file:${java.home}/lib/ext/sunpkcs11.jar" {
+grant codeBase "module:jdk.crypto.pkcs11" {
         permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*";
         permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.ch";
         permission java.lang.RuntimePermission "loadLibrary.j2pkcs11";