8155513: Deprivilege jdk.charsets

Reviewed-by: alanb, chegar

jdk/src/java.base/share/conf/security/java.policy

@@ -12,6 +12,15 @@ grant codeBase "jrt:/java.compiler" {
         permission java.security.AllPermission;
 };
 
+grant codeBase "jrt:/jdk.charsets" {
+        permission java.io.FilePermission "${java.home}/-", "read";
+        permission java.util.PropertyPermission "os.name", "read";
+        permission java.util.PropertyPermission "sun.nio.cs.map", "read";
+        permission java.lang.RuntimePermission "charsetProvider";
+        permission java.lang.RuntimePermission "accessClassInPackage.jdk.internal.misc";
+        permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.cs";
+};
+
 grant codeBase "jrt:/jdk.crypto.ucrypto" {
         permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*";
         permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.ch";

jdk/test/java/nio/charset/spi/basic.sh

@@ -113,7 +113,7 @@ for where in app; do
 		     av="$av -Djava.security.manager -Djava.security.policy==$TESTSRC/default-pol";;
       cp-policy)     css="$CSS FOO";
 		     av="$av -Djava.security.manager
-		         -Djava.security.policy==$TESTSRC/charsetProvider.sp";;
+		         -Djava.security.policy=$TESTSRC/charsetProvider.sp";;
     esac
     if (set -x; $JAVA ${TESTVMOPTS} $av Test $css) 2>&1; then
       continue;

jdk/test/java/nio/charset/spi/default-pol

@@ -1,3 +1,11 @@
+grant codeBase "jrt:/jdk.charsets" {
+        permission java.io.FilePermission "${java.home}/-", "read";
+        permission java.util.PropertyPermission "os.name", "read";
+        permission java.util.PropertyPermission "sun.nio.cs.map", "read";
+        permission java.lang.RuntimePermission "charsetProvider";
+        permission java.lang.RuntimePermission "accessClassInPackage.jdk.internal.misc";
+        permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.cs";
+};
 
 // default permissions granted to all domains