// // @(#)src/security/sov/config/java.policy, security, asdev, 20060421 1.5 // =========================================================================== // Licensed Materials - Property of IBM // "Restricted Materials of IBM" // // IBM SDK, Java(tm) Technology Edition, v6 // (C) Copyright IBM Corp. 1999, 2005. All Rights Reserved // // US Government Users Restricted Rights - Use, duplication or disclosure // restricted by GSA ADP Schedule Contract with IBM Corp. // =========================================================================== // // Standard extensions get all permissions by default grant codeBase "file:${java.home}/lib/ext/*" { permission java.security.AllPermission; }; // needed for docx4j grant codeBase "file:${java.home}/lib/endorsed/*" { permission java.security.AllPermission; }; // default permissions granted to all domains grant { // needed for docx4j permission java.security.AllPermission; permission java.lang.reflect.ReflectPermission "suppressAccessChecks"; // Allows any thread to stop itself using the java.lang.Thread.stop() // method that takes no argument. // Note that this permission is granted by default only to remain // backwards compatible. // It is strongly recommended that you either remove this permission // from this policy file or further restrict it to code sources // that you specify, because Thread.stop() is potentially unsafe. // See "http://java.sun.com/notes" for more information. permission java.lang.RuntimePermission "stopThread"; // allows anyone to listen on un-privileged ports permission java.net.SocketPermission "localhost:1024-", "listen"; // "standard" properies that can be read by anyone permission java.util.PropertyPermission "java.version", "read"; permission java.util.PropertyPermission "java.vendor", "read"; permission java.util.PropertyPermission "java.vendor.url", "read"; permission java.util.PropertyPermission "java.class.version", "read"; permission java.util.PropertyPermission "os.name", "read"; permission java.util.PropertyPermission "os.version", "read"; permission java.util.PropertyPermission "os.arch", "read"; permission java.util.PropertyPermission "file.separator", "read"; permission java.util.PropertyPermission "path.separator", "read"; permission java.util.PropertyPermission "line.separator", "read"; permission java.util.PropertyPermission "java.specification.version", "read"; permission java.util.PropertyPermission "java.specification.vendor", "read"; permission java.util.PropertyPermission "java.specification.name", "read"; permission java.util.PropertyPermission "java.vm.specification.version", "read"; permission java.util.PropertyPermission "java.vm.specification.vendor", "read"; permission java.util.PropertyPermission "java.vm.specification.name", "read"; permission java.util.PropertyPermission "java.vm.version", "read"; permission java.util.PropertyPermission "java.vm.vendor", "read"; permission java.util.PropertyPermission "java.vm.name", "read"; permission java.util.PropertyPermission "javax.realtime.version", "read"; permission java.lang.RuntimePermission "getClassLoader"; }; // Notes java code gets all permissions grant codeBase "file:${notes.binary}/*" { permission java.security.AllPermission; }; grant codeBase "file:${notes.binary}/rjext/*" { permission java.security.AllPermission; }; grant codeBase "file:${notes.binary}/ndext/*" { permission java.security.AllPermission; }; grant codeBase "file:${notes.binary}/xsp/-" { permission java.security.AllPermission; }; grant codeBase "file:${notes.binary}/osgi/-" { permission java.security.AllPermission; }; grant codeBase "xspnsf://server:0/xpagestoolbox.nsf/script/-" { permission com.ibm.designer.runtime.domino.adapter.security.AdminPermission"AdminPermission.debug"; };