-
Notifications
You must be signed in to change notification settings - Fork 2
Expand file tree
/
Copy pathjava.policy
More file actions
125 lines (106 loc) · 5.74 KB
/
Copy pathjava.policy
File metadata and controls
125 lines (106 loc) · 5.74 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
// Standard extensions get all permissions by default
grant codeBase "file:${java.home}/-" {
permission java.security.AllPermission;
};
grant codeBase "file:/Web-CAT/Plugins/JavaTddPlugin/src/-" {
permission java.security.AllPermission;
};
grant codeBase "file:${java.home}/lib/ext/*" {
permission java.security.AllPermission;
};
grant codeBase "file:${ant.home}/-" {
permission java.security.AllPermission;
};
grant codeBase "file:${pluginHome}/-" {
permission java.security.AllPermission;
};
grant {
// This one is required for clover
permission java.io.FilePermission "${resultDir}", "read,write";
permission java.io.FilePermission "${resultDir}${/}-", "read,write";
permission java.io.FilePermission
"${workingDir}${/}-", "read,write,delete";
permission java.io.FilePermission "${workingDir}", "read,write";
permission java.io.FilePermission "${pluginHome}${/}-", "read";
permission java.io.FilePermission "${assignmentClassDir}${/}-", "read";
permission java.io.FilePermission "${instructorClassDir}${/}-", "read";
permission java.util.logging.LoggingPermission "control";
// for JES
permission java.io.FilePermission "${user.home}${/}JESConfig.txt", "read";
// for jacoco
permission java.net.SocketPermission "*", "resolve";
};
// default permissions granted to all domains
grant {
// Allows any thread to stop itself using the java.lang.Thread.stop()
// method that takes no argument.
// Note that this permission is granted by default only to remain
// backwards compatible.
// It is strongly recommended that you either remove this permission
// from this policy file or further restrict it to code sources
// that you specify, because Thread.stop() is potentially unsafe.
// See "http://java.sun.com/notes" for more information.
permission java.lang.RuntimePermission "stopThread";
permission java.lang.RuntimePermission "getClassLoader";
permission java.lang.RuntimePermission "exitVM";
permission java.lang.RuntimePermission "shutdownHooks";
// allows anyone to listen on un-privileged ports
permission java.net.SocketPermission "localhost:1024-", "listen";
permission java.net.SocketPermission "*.vt.edu:80-", "connect";
permission java.net.SocketPermission "*.cs.vt.edu", "connect";
permission java.net.SocketPermission "courses.cs.vt.edu", "connect";
permission java.net.SocketPermission "moodle.cs.vt.edu", "connect";
permission java.net.SocketPermission "csgrad.cs.vt.edu", "connect";
permission java.net.SocketPermission "web-cat.cs.vt.edu", "connect";
permission java.net.SocketPermission "web-cat.org", "connect";
permission java.net.SocketPermission "wiki.web-cat.org", "connect";
permission java.net.SocketPermission "google.com", "connect";
permission java.net.SocketPermission "www.google.com", "connect";
// "standard" properties that can be read by anyone
permission java.util.PropertyPermission "java.version", "read";
permission java.util.PropertyPermission "java.vendor", "read";
permission java.util.PropertyPermission "java.vendor.url", "read";
permission java.util.PropertyPermission "java.class.version", "read";
permission java.util.PropertyPermission "os.name", "read";
permission java.util.PropertyPermission "os.version", "read";
permission java.util.PropertyPermission "os.arch", "read";
permission java.util.PropertyPermission "file.separator", "read";
permission java.util.PropertyPermission "path.separator", "read";
permission java.util.PropertyPermission "line.separator", "read";
permission java.util.PropertyPermission
"java.specification.version", "read";
permission java.util.PropertyPermission
"java.specification.vendor", "read";
permission java.util.PropertyPermission "java.specification.name", "read";
permission java.util.PropertyPermission
"java.vm.specification.version", "read";
permission java.util.PropertyPermission
"java.vm.specification.vendor", "read";
permission java.util.PropertyPermission
"java.vm.specification.name", "read";
permission java.util.PropertyPermission "java.vm.version", "read";
permission java.util.PropertyPermission "java.vm.vendor", "read";
permission java.util.PropertyPermission "java.vm.name", "read";
permission java.util.PropertyPermission "user.dir", "read";
// Needed for abbot (a bit leakier than I'd like, but ...
permission java.util.PropertyPermission "abbot*", "read";
permission java.util.PropertyPermission "abbot.*", "read";
permission java.util.PropertyPermission "java.class.path", "read";
permission java.util.PropertyPermission "co.*", "read";
permission java.util.PropertyPermission "mrj.version", "read";
permission java.awt.AWTPermission "accessClipboard";
permission java.awt.AWTPermission "accessEventQueue";
permission java.awt.AWTPermission "createRobot";
permission java.awt.AWTPermission "listenToAllAWTEvents";
permission java.awt.AWTPermission "replaceKeyboardFocusManager";
permission java.awt.AWTPermission "showWindowWithoutWarningBanner";
permission java.awt.AWTPermission "watchMousePointer";
permission java.awt.AWTPermission "setWindowAlwaysOnTop";
permission java.awt.AWTPermission "setAppletStub";
permission java.lang.RuntimePermission "setIO";
permission java.lang.RuntimePermission "accessDeclaredMembers";
permission java.io.FilePermission
"${java.io.tmpdir}${/}-", "read,write,delete";
permission java.util.PropertyPermission "*", "read,write";
permission java.lang.RuntimePermission "setIO";
};