jdk/src/java.base/share/lib/security/default.policy - platform/libcore - Git at Google

 //
 // Permissions required by modules stored in a run-time image and loaded
 // by the platform class loader.
 //
 // NOTE that this file is not intended to be modified. If additional
 // permissions need to be granted to the modules in this file, it is
 // recommended that they be configured in a separate policy file or
 // ${java.home}/conf/security/java.policy.
 //

 grant codeBase "jrt:/java.activation" {
     permission java.security.AllPermission;
 };

 grant codeBase "jrt:/java.compiler" {
     permission java.security.AllPermission;
 };

 grant codeBase "jrt:/java.corba" {
     permission java.security.AllPermission;
 };

 grant codeBase "jrt:/java.scripting" {
     permission java.security.AllPermission;
 };

 grant codeBase "jrt:/java.security.jgss" {
     permission java.security.AllPermission;
 };

 grant codeBase "jrt:/java.smartcardio" {
     permission javax.smartcardio.CardPermission "*", "*";
     permission java.lang.RuntimePermission "loadLibrary.j2pcsc";
     permission java.lang.RuntimePermission
                    "accessClassInPackage.sun.security.*";
     permission java.util.PropertyPermission "*", "read";
     // needed for looking up native PC/SC library
     permission java.io.FilePermission "<<ALL FILES>>","read";
     permission java.security.SecurityPermission "putProviderProperty.SunPCSC";
     permission java.security.SecurityPermission
                    "clearProviderProperties.SunPCSC";
     permission java.security.SecurityPermission
                    "removeProviderProperty.SunPCSC";
 };

 grant codeBase "jrt:/java.sql" {
     permission java.security.AllPermission;
 };

 grant codeBase "jrt:/java.sql.rowset" {
     permission java.security.AllPermission;
 };

 grant codeBase "jrt:/java.xml.bind" {
     permission java.lang.RuntimePermission
                    "accessClassInPackage.com.sun.xml.internal.*";
     permission java.lang.RuntimePermission
                    "accessClassInPackage.com.sun.istack.internal";
     permission java.lang.RuntimePermission
                    "accessClassInPackage.com.sun.istack.internal.*";
     permission java.lang.RuntimePermission "accessDeclaredMembers";
     permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
     permission java.util.PropertyPermission "*", "read";
 };

 grant codeBase "jrt:/java.xml.crypto" {
     permission java.util.PropertyPermission "*", "read";
     permission java.security.SecurityPermission "putProviderProperty.XMLDSig";
     permission java.security.SecurityPermission
                    "clearProviderProperties.XMLDSig";
     permission java.security.SecurityPermission
                    "removeProviderProperty.XMLDSig";
     permission java.security.SecurityPermission
                    "com.sun.org.apache.xml.internal.security.register";
     permission java.security.SecurityPermission
                    "getProperty.jdk.xml.dsig.secureValidationPolicy";
 };

 grant codeBase "jrt:/java.xml.ws" {
     permission java.lang.RuntimePermission
                    "accessClassInPackage.com.sun.xml.internal.*";
     permission java.lang.RuntimePermission
                    "accessClassInPackage.com.sun.istack.internal";
     permission java.lang.RuntimePermission
                    "accessClassInPackage.com.sun.istack.internal.*";
     permission java.lang.RuntimePermission
                    "accessClassInPackage.com.sun.org.apache.xerces.internal.*";
     permission java.lang.RuntimePermission "accessDeclaredMembers";
     permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
     permission java.util.PropertyPermission "*", "read";
 };

 grant codeBase "jrt:/jdk.charsets" {
     permission java.util.PropertyPermission "os.name", "read";
     permission java.util.PropertyPermission "sun.nio.cs.map", "read";
     permission java.lang.RuntimePermission "charsetProvider";
     permission java.lang.RuntimePermission
                    "accessClassInPackage.jdk.internal.misc";
     permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.cs";
 };

 grant codeBase "jrt:/jdk.crypto.ec" {
     permission java.lang.RuntimePermission
                    "accessClassInPackage.sun.security.*";
     permission java.lang.RuntimePermission "loadLibrary.sunec";
     permission java.util.PropertyPermission "*", "read";
     permission java.security.SecurityPermission "putProviderProperty.SunEC";
     permission java.security.SecurityPermission "clearProviderProperties.SunEC";
     permission java.security.SecurityPermission "removeProviderProperty.SunEC";
 };

 grant codeBase "jrt:/jdk.crypto.pkcs11" {
     permission java.lang.RuntimePermission
                    "accessClassInPackage.sun.security.*";
     permission java.lang.RuntimePermission "accessClassInPackage.sun.misc";
     permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.ch";
     permission java.lang.RuntimePermission "loadLibrary.j2pkcs11";
     // needs "security.pkcs11.allowSingleThreadedModules"
     permission java.util.PropertyPermission "*", "read";
     permission java.security.SecurityPermission "putProviderProperty.*";
     permission java.security.SecurityPermission "clearProviderProperties.*";
     permission java.security.SecurityPermission "removeProviderProperty.*";
     permission java.security.SecurityPermission
                    "getProperty.auth.login.defaultCallbackHandler";
     permission java.security.SecurityPermission "authProvider.*";
     // Needed for reading PKCS11 config file and NSS library check
     permission java.io.FilePermission "<<ALL FILES>>", "read";
 };

 grant codeBase "jrt:/jdk.dynalink" {
     permission java.security.AllPermission;
 };

 grant codeBase "jrt:/jdk.internal.le" {
     permission java.security.AllPermission;
 };

 grant codeBase "jrt:/jdk.jsobject" {
     permission java.security.AllPermission;
 };

 grant codeBase "jrt:/jdk.localedata" {
     permission java.lang.RuntimePermission "accessClassInPackage.sun.text.*";
     permission java.lang.RuntimePermission "accessClassInPackage.sun.util.*";
     permission java.util.PropertyPermission "*", "read";
 };

 grant codeBase "jrt:/jdk.naming.dns" {
     permission java.security.AllPermission;
 };

 grant codeBase "jrt:/jdk.scripting.nashorn" {
     permission java.security.AllPermission;
 };

 grant codeBase "jrt:/jdk.scripting.nashorn.shell" {
     permission java.security.AllPermission;
 };

 grant codeBase "jrt:/jdk.security.auth" {
     permission java.security.AllPermission;
 };

 grant codeBase "jrt:/jdk.security.jgss" {
     permission java.security.AllPermission;
 };

 grant codeBase "jrt:/jdk.zipfs" {
     permission java.io.FilePermission "<<ALL FILES>>", "read,write,delete";
     permission java.lang.RuntimePermission "fileSystemProvider";
     permission java.util.PropertyPermission "*", "read";
 };
	//
	// Permissions required by modules stored in a run-time image and loaded
	// by the platform class loader.
	//
	// NOTE that this file is not intended to be modified. If additional
	// permissions need to be granted to the modules in this file, it is
	// recommended that they be configured in a separate policy file or
	// ${java.home}/conf/security/java.policy.
	//

	grant codeBase "jrt:/java.activation" {
	permission java.security.AllPermission;
	};

	grant codeBase "jrt:/java.compiler" {
	permission java.security.AllPermission;
	};

	grant codeBase "jrt:/java.corba" {
	permission java.security.AllPermission;
	};

	grant codeBase "jrt:/java.scripting" {
	permission java.security.AllPermission;
	};

	grant codeBase "jrt:/java.security.jgss" {
	permission java.security.AllPermission;
	};

	grant codeBase "jrt:/java.smartcardio" {
	permission javax.smartcardio.CardPermission "", "";
	permission java.lang.RuntimePermission "loadLibrary.j2pcsc";
	permission java.lang.RuntimePermission
	"accessClassInPackage.sun.security.*";
	permission java.util.PropertyPermission "*", "read";
	// needed for looking up native PC/SC library
	permission java.io.FilePermission "<<ALL FILES>>","read";
	permission java.security.SecurityPermission "putProviderProperty.SunPCSC";
	permission java.security.SecurityPermission
	"clearProviderProperties.SunPCSC";
	permission java.security.SecurityPermission
	"removeProviderProperty.SunPCSC";
	};

	grant codeBase "jrt:/java.sql" {
	permission java.security.AllPermission;
	};

	grant codeBase "jrt:/java.sql.rowset" {
	permission java.security.AllPermission;
	};

	grant codeBase "jrt:/java.xml.bind" {
	permission java.lang.RuntimePermission
	"accessClassInPackage.com.sun.xml.internal.*";
	permission java.lang.RuntimePermission
	"accessClassInPackage.com.sun.istack.internal";
	permission java.lang.RuntimePermission
	"accessClassInPackage.com.sun.istack.internal.*";
	permission java.lang.RuntimePermission "accessDeclaredMembers";
	permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
	permission java.util.PropertyPermission "*", "read";
	};

	grant codeBase "jrt:/java.xml.crypto" {
	permission java.util.PropertyPermission "*", "read";
	permission java.security.SecurityPermission "putProviderProperty.XMLDSig";
	permission java.security.SecurityPermission
	"clearProviderProperties.XMLDSig";
	permission java.security.SecurityPermission
	"removeProviderProperty.XMLDSig";
	permission java.security.SecurityPermission
	"com.sun.org.apache.xml.internal.security.register";
	permission java.security.SecurityPermission
	"getProperty.jdk.xml.dsig.secureValidationPolicy";
	};

	grant codeBase "jrt:/java.xml.ws" {
	permission java.lang.RuntimePermission
	"accessClassInPackage.com.sun.xml.internal.*";
	permission java.lang.RuntimePermission
	"accessClassInPackage.com.sun.istack.internal";
	permission java.lang.RuntimePermission
	"accessClassInPackage.com.sun.istack.internal.*";
	permission java.lang.RuntimePermission
	"accessClassInPackage.com.sun.org.apache.xerces.internal.*";
	permission java.lang.RuntimePermission "accessDeclaredMembers";
	permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
	permission java.util.PropertyPermission "*", "read";
	};

	grant codeBase "jrt:/jdk.charsets" {
	permission java.util.PropertyPermission "os.name", "read";
	permission java.util.PropertyPermission "sun.nio.cs.map", "read";
	permission java.lang.RuntimePermission "charsetProvider";
	permission java.lang.RuntimePermission
	"accessClassInPackage.jdk.internal.misc";
	permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.cs";
	};

	grant codeBase "jrt:/jdk.crypto.ec" {
	permission java.lang.RuntimePermission
	"accessClassInPackage.sun.security.*";
	permission java.lang.RuntimePermission "loadLibrary.sunec";
	permission java.util.PropertyPermission "*", "read";
	permission java.security.SecurityPermission "putProviderProperty.SunEC";
	permission java.security.SecurityPermission "clearProviderProperties.SunEC";
	permission java.security.SecurityPermission "removeProviderProperty.SunEC";
	};

	grant codeBase "jrt:/jdk.crypto.pkcs11" {
	permission java.lang.RuntimePermission
	"accessClassInPackage.sun.security.*";
	permission java.lang.RuntimePermission "accessClassInPackage.sun.misc";
	permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.ch";
	permission java.lang.RuntimePermission "loadLibrary.j2pkcs11";
	// needs "security.pkcs11.allowSingleThreadedModules"
	permission java.util.PropertyPermission "*", "read";
	permission java.security.SecurityPermission "putProviderProperty.*";
	permission java.security.SecurityPermission "clearProviderProperties.*";
	permission java.security.SecurityPermission "removeProviderProperty.*";
	permission java.security.SecurityPermission
	"getProperty.auth.login.defaultCallbackHandler";
	permission java.security.SecurityPermission "authProvider.*";
	// Needed for reading PKCS11 config file and NSS library check
	permission java.io.FilePermission "<<ALL FILES>>", "read";
	};

	grant codeBase "jrt:/jdk.dynalink" {
	permission java.security.AllPermission;
	};

	grant codeBase "jrt:/jdk.internal.le" {
	permission java.security.AllPermission;
	};

	grant codeBase "jrt:/jdk.jsobject" {
	permission java.security.AllPermission;
	};

	grant codeBase "jrt:/jdk.localedata" {
	permission java.lang.RuntimePermission "accessClassInPackage.sun.text.*";
	permission java.lang.RuntimePermission "accessClassInPackage.sun.util.*";
	permission java.util.PropertyPermission "*", "read";
	};

	grant codeBase "jrt:/jdk.naming.dns" {
	permission java.security.AllPermission;
	};

	grant codeBase "jrt:/jdk.scripting.nashorn" {
	permission java.security.AllPermission;
	};

	grant codeBase "jrt:/jdk.scripting.nashorn.shell" {
	permission java.security.AllPermission;
	};

	grant codeBase "jrt:/jdk.security.auth" {
	permission java.security.AllPermission;
	};

	grant codeBase "jrt:/jdk.security.jgss" {
	permission java.security.AllPermission;
	};

	grant codeBase "jrt:/jdk.zipfs" {
	permission java.io.FilePermission "<<ALL FILES>>", "read,write,delete";
	permission java.lang.RuntimePermission "fileSystemProvider";
	permission java.util.PropertyPermission "*", "read";
	};