Skip to main content
summaryrefslogtreecommitdiffstats
path: root/jetty-policy/src/main/config/lib/policy/global.policy
diff options
context:
space:
mode:
Diffstat (limited to 'jetty-policy/src/main/config/lib/policy/global.policy')
-rw-r--r--jetty-policy/src/main/config/lib/policy/global.policy43
1 files changed, 43 insertions, 0 deletions
diff --git a/jetty-policy/src/main/config/lib/policy/global.policy b/jetty-policy/src/main/config/lib/policy/global.policy
new file mode 100644
index 0000000000..4ad9340607
--- /dev/null
+++ b/jetty-policy/src/main/config/lib/policy/global.policy
@@ -0,0 +1,43 @@
+//
+// These permissions are granted to all codebases whilst a security
+// manager is installed and JettyPolicy is in play.
+//
+// Note the lack of codebase declared.
+
+grant {
+
+ // allows anyone to listen on un-privileged ports
+ permission java.net.SocketPermission "localhost:1024-", "listen";
+ permission java.net.SocketPermission "localhost:1024-", "accept";
+
+ permission java.security.SecurityPermission "putProviderProperty.SunJCE";
+ permission java.util.PropertyPermission "org.eclipse.jetty.io.nio.JVMBUG_THRESHHOLD", "read, write";
+
+ // "standard" properties that can be read by anyone
+ permission java.util.PropertyPermission "entityExpansionLimit", "read";
+ permission java.util.PropertyPermission "elementAttributeLimit", "read";
+ permission java.util.PropertyPermission "maxOccurLimit", "read";
+ permission java.util.PropertyPermission "java.version", "read";
+ permission java.util.PropertyPermission "java.vendor", "read";
+ permission java.util.PropertyPermission "java.vendor.url", "read";
+ permission java.util.PropertyPermission "java.class.version", "read";
+ permission java.util.PropertyPermission "os.name", "read";
+ permission java.util.PropertyPermission "os.version", "read";
+ permission java.util.PropertyPermission "os.arch", "read";
+ permission java.util.PropertyPermission "file.separator", "read";
+ permission java.util.PropertyPermission "path.separator", "read";
+ permission java.util.PropertyPermission "line.separator", "read";
+ permission java.util.PropertyPermission "java.io.tmpdir", "read";
+
+ permission java.util.PropertyPermission "java.specification.version", "read";
+ permission java.util.PropertyPermission "java.specification.vendor", "read";
+ permission java.util.PropertyPermission "java.specification.name", "read";
+
+ permission java.util.PropertyPermission "java.vm.specification.version", "read";
+ permission java.util.PropertyPermission "java.vm.specification.vendor", "read";
+ permission java.util.PropertyPermission "java.vm.specification.name", "read";
+ permission java.util.PropertyPermission "java.vm.version", "read";
+ permission java.util.PropertyPermission "java.vm.vendor", "read";
+ permission java.util.PropertyPermission "java.vm.name", "read";
+
+};

Back to the top