2de1b5ce26
Co-authored-by: Chris Hegarty <chris.hegarty@oracle.com> Co-authored-by: Daniel Fuchs <daniel.fuchs@oracle.com> Co-authored-by: Pavel Rappo <pavel.rappo@oracle.com> Co-authored-by: Sergey Kuksenko <sergey.kuksenko@oracle.com> Co-authored-by: Anthony Vanelverdinghe <anthony.vanelverdinghe@gmail.com> Reviewed-by: chegar, dfuchs, michaelm, prappo, skuksenko
47 lines
2.0 KiB
Plaintext
47 lines
2.0 KiB
Plaintext
// Policy: 0
|
|
|
|
grant {
|
|
// permissions common to all tests
|
|
permission java.util.PropertyPermission "*", "read";
|
|
permission java.io.FilePermission "${test.classes}${/}-", "read,write,delete";
|
|
permission java.net.NetPermission "getDefaultHttpClient";
|
|
permission java.lang.RuntimePermission "modifyThread";
|
|
permission java.util.logging.LoggingPermission "control", "";
|
|
permission java.net.SocketPermission "localhost:1024-", "accept,listen";
|
|
permission java.io.FilePermission "${test.src}${/}docs${/}-", "read";
|
|
permission java.lang.RuntimePermission "createClassLoader";
|
|
|
|
|
|
// permissions specific to this test
|
|
};
|
|
|
|
// For proxy only. Not being tested
|
|
grant codebase "file:${test.classes}/proxydir/-" {
|
|
permission java.net.SocketPermission "localhost:1024-", "accept,listen,connect";
|
|
permission java.net.SocketPermission "127.0.0.1:1024-", "connect,resolve";
|
|
};
|
|
|
|
grant codeBase "jrt:/jdk.incubator.httpclient" {
|
|
permission java.lang.RuntimePermission "accessClassInPackage.sun.net";
|
|
permission java.lang.RuntimePermission "accessClassInPackage.sun.net.www";
|
|
permission java.lang.RuntimePermission "accessClassInPackage.jdk.internal.misc";
|
|
|
|
// ## why is SP not good enough. Check API @throws signatures and impl
|
|
permission java.net.SocketPermission "*","connect,resolve";
|
|
permission java.net.URLPermission "http:*","*:*";
|
|
permission java.net.URLPermission "https:*","*:*";
|
|
permission java.net.URLPermission "ws:*","*:*";
|
|
permission java.net.URLPermission "wss:*","*:*";
|
|
permission java.net.URLPermission "socket:*","CONNECT"; // proxy
|
|
|
|
// For request/response body processors, fromFile, asFile
|
|
permission java.io.FilePermission "<<ALL FILES>>","read,write"; // delete???
|
|
|
|
permission java.util.PropertyPermission "jdk.httpclient.*","read";
|
|
|
|
// ## these permissions do not appear in the NetPermission spec!!! JDK bug?
|
|
permission java.net.NetPermission "getSSLContext";
|
|
permission java.net.NetPermission "setSSLContext";
|
|
};
|
|
|