--- /dev/null 2005-08-14 20:28:06.000000000 -0700 +++ resource/java/security/classpath.policy 2005-08-14 20:31:59.000000000 -0700 @@ -0,0 +1,137 @@ +/* classpath.policy.in -- Classpath's default security policy. + Copyright (C) 2005 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +/* + * This file represents the default security policy for GNU Classpath; + * in short, untrusted code is only given read access to certain + * properties, "listen" permission for unprivileged ports on + * "localhost," and the ability to exit the VM. + */ + +// Any code not matching any other codeBase rule matches this. +grant +{ + // Standard properties, which may be read. + permission java.util.PropertyPermission "java.version", "read"; + permission java.util.PropertyPermission "java.vendor", "read"; + permission java.util.PropertyPermission "java.vendor.url", "read"; + permission java.util.PropertyPermission "java.home", "read"; + permission java.util.PropertyPermission "java.vm.specification.version", "read"; + permission java.util.PropertyPermission "java.vm.specification.vendor", "read"; + permission java.util.PropertyPermission "java.vm.specification.name", "read"; + permission java.util.PropertyPermission "java.vm.version", "read"; + permission java.util.PropertyPermission "java.vm.vendor", "read"; + permission java.util.PropertyPermission "java.specification.version", "read"; + permission java.util.PropertyPermission "java.specification.vendor", "read"; + permission java.util.PropertyPermission "java.specification.name", "read"; + permission java.util.PropertyPermission "java.class.version", "read"; + permission java.util.PropertyPermission "java.class.path", "read"; + permission java.util.PropertyPermission "java.library.path", "read"; + permission java.util.PropertyPermission "java.io.tmpdir", "read"; + permission java.util.PropertyPermission "java.compiler", "read"; + permission java.util.PropertyPermission "java.ext.dirs", "read"; + permission java.util.PropertyPermission "os.name", "read"; + permission java.util.PropertyPermission "os.arch", "read"; + permission java.util.PropertyPermission "os.version", "read"; + permission java.util.PropertyPermission "file.separator", "read"; + permission java.util.PropertyPermission "path.separator", "read"; + permission java.util.PropertyPermission "line.separator", "read"; + permission java.util.PropertyPermission "user.name", "read"; + permission java.util.PropertyPermission "user.home", "read"; + permission java.util.PropertyPermission "user.dir", "read"; + + // GNU Classpath properties, which also may be read. + permission java.util.PropertyPermission "gnu.classpath.home", "read"; + permission java.util.PropertyPermission "gnu.classpath.version", "read"; + permission java.util.PropertyPermission "gnu.classpath.vm.shortname", "read"; + permission java.util.PropertyPermission "gnu.classpath.home.url", "read"; + permission java.util.PropertyPermission "gnu.cpu.endian", "read"; + permission java.util.PropertyPermission "gnu.java.io.encoding_scheme_alias.iso-8859-0", "read"; + permission java.util.PropertyPermission "gnu.java.io.encoding_scheme_alias.iso-8859-1", "read"; + permission java.util.PropertyPermission "gnu.java.io.encoding_scheme_alias.iso-8859-2", "read"; + permission java.util.PropertyPermission "gnu.java.io.encoding_scheme_alias.iso-8859-3", "read"; + permission java.util.PropertyPermission "gnu.java.io.encoding_scheme_alias.iso-8859-4", "read"; + permission java.util.PropertyPermission "gnu.java.io.encoding_scheme_alias.iso-8859-5", "read"; + permission java.util.PropertyPermission "gnu.java.io.encoding_scheme_alias.iso-8859-6", "read"; + permission java.util.PropertyPermission "gnu.java.io.encoding_scheme_alias.iso-8859-7", "read"; + permission java.util.PropertyPermission "gnu.java.io.encoding_scheme_alias.iso-8859-8", "read"; + permission java.util.PropertyPermission "gnu.java.io.encoding_scheme_alias.iso-8859-9", "read"; + permission java.util.PropertyPermission "gnu.java.io.encoding_scheme_alias.iso8859_0", "read"; + permission java.util.PropertyPermission "gnu.java.io.encoding_scheme_alias.iso8859_1", "read"; + permission java.util.PropertyPermission "gnu.java.io.encoding_scheme_alias.iso8859_2", "read"; + permission java.util.PropertyPermission "gnu.java.io.encoding_scheme_alias.iso8859_3", "read"; + permission java.util.PropertyPermission "gnu.java.io.encoding_scheme_alias.iso8859_4", "read"; + permission java.util.PropertyPermission "gnu.java.io.encoding_scheme_alias.iso8859_5", "read"; + permission java.util.PropertyPermission "gnu.java.io.encoding_scheme_alias.iso8859_6", "read"; + permission java.util.PropertyPermission "gnu.java.io.encoding_scheme_alias.iso8859_7", "read"; + permission java.util.PropertyPermission "gnu.java.io.encoding_scheme_alias.iso8859_8", "read"; + permission java.util.PropertyPermission "gnu.java.io.encoding_scheme_alias.iso8859_9", "read"; + permission java.util.PropertyPermission "gnu.java.io.encoding_scheme_alias.iso-latin-_0", "read"; + permission java.util.PropertyPermission "gnu.java.io.encoding_scheme_alias.iso-latin-_1", "read"; + permission java.util.PropertyPermission "gnu.java.io.encoding_scheme_alias.iso-latin-_2", "read"; + permission java.util.PropertyPermission "gnu.java.io.encoding_scheme_alias.iso-latin-_3", "read"; + permission java.util.PropertyPermission "gnu.java.io.encoding_scheme_alias.iso-latin-_4", "read"; + permission java.util.PropertyPermission "gnu.java.io.encoding_scheme_alias.iso-latin-_5", "read"; + permission java.util.PropertyPermission "gnu.java.io.encoding_scheme_alias.iso-latin-_6", "read"; + permission java.util.PropertyPermission "gnu.java.io.encoding_scheme_alias.iso-latin-_7", "read"; + permission java.util.PropertyPermission "gnu.java.io.encoding_scheme_alias.iso-latin-_8", "read"; + permission java.util.PropertyPermission "gnu.java.io.encoding_scheme_alias.iso-latin-_9", "read"; + permission java.util.PropertyPermission "gnu.java.io.encoding_scheme_alias.latin0", "read"; + permission java.util.PropertyPermission "gnu.java.io.encoding_scheme_alias.latin1", "read"; + permission java.util.PropertyPermission "gnu.java.io.encoding_scheme_alias.latin2", "read"; + permission java.util.PropertyPermission "gnu.java.io.encoding_scheme_alias.latin3", "read"; + permission java.util.PropertyPermission "gnu.java.io.encoding_scheme_alias.latin4", "read"; + permission java.util.PropertyPermission "gnu.java.io.encoding_scheme_alias.latin5", "read"; + permission java.util.PropertyPermission "gnu.java.io.encoding_scheme_alias.latin6", "read"; + permission java.util.PropertyPermission "gnu.java.io.encoding_scheme_alias.latin7", "read"; + permission java.util.PropertyPermission "gnu.java.io.encoding_scheme_alias.latin8", "read"; + permission java.util.PropertyPermission "gnu.java.io.encoding_scheme_alias.latin9", "read"; + permission java.util.PropertyPermission "gnu.java.io.encoding_scheme_alias.utf-8", "read"; + + // Listening on the localhost address is allowed. + permission java.net.SocketPermission "localhost:1024-", "listen"; + + // Allow exiting the VM. + permission java.lang.RuntimePermission "exitVM"; +}; + +// Anything installed in the same prefix as GNU Classpath is trusted, +// and gets full permissions. +grant codeBase "${gnu.classpath.home.url}/-" +{ + permission java.security.AllPermission; +}; \ No newline at end of file