1// This file governs the permissions directly granted to all jar files 2// listed under the jetty.home/lib directory. 3// 4// Review of this file is recommended and possible tweaking of the codeBase 5// is likely in the future. 6 7grant codeBase "file:${jetty.home}${/}lib${/}-" { 8 9 permission java.lang.RuntimePermission "getClassLoader"; 10 11 permission java.util.PropertyPermission "org.eclipse.jetty.webapp.WebAppClassLoader.extensions", "read"; 12 permission java.util.PropertyPermission "org.eclipse.jetty.ajp.PathMap.separators", "read"; 13 14 permission java.util.PropertyPermission "ROLLOVERFILE_BACKUP_FORMAT", "read"; 15 16 permission java.util.PropertyPermission "org.eclipse.jetty.server.webapp.parentLoaderPriority", "read"; 17 permission java.util.PropertyPermission "org.eclipse.jetty.server.Request.maxFormContentSize", "read"; 18 19 permission javax.security.auth.AuthPermission "modifyPrincipals"; 20 permission javax.security.auth.AuthPermission "modifyPrivateCredentials"; 21 permission javax.security.auth.AuthPermission "setReadOnly"; 22 23 permission java.io.FilePermission "${jetty.home}${/}-", "read"; 24 permission java.io.FilePermission "${java.io.tmpdir}", "read, write"; 25 permission java.io.FilePermission "${java.io.tmpdir}${/}-", "read, write"; 26 permission java.io.FilePermission "${/}private${/}${java.io.tmpdir}", "read, write"; 27 permission java.io.FilePermission "${/}private${/}${java.io.tmpdir}${/}-", "read, write"; 28 permission java.io.FilePermission "${jetty.home}${/}lib${/}policy${/}-", "read"; 29 30 31 permission java.io.FilePermission "${java.io.tmpdir}${/}-", "delete"; 32 33 34 permission java.io.FilePermission "${jetty.home}${/}logs", "read, write"; 35 permission java.io.FilePermission "${jetty.home}${/}logs${/}*", "read, write"; 36 37 permission java.lang.RuntimePermission "createClassLoader"; 38 permission java.lang.RuntimePermission "setContextClassLoader"; 39 40 permission java.security.SecurityPermission "getPolicy"; 41 permission java.lang.RuntimePermission "accessDeclaredMembers"; 42 43 // jetty specific properties 44 permission java.util.PropertyPermission "org.eclipse.jetty.util.log.class", "read"; 45 permission java.util.PropertyPermission "org.eclipse.jetty.util.log.stderr.DEBUG", "read"; 46 permission java.util.PropertyPermission "org.eclipse.jetty.util.log.DEBUG", "read"; 47 permission java.util.PropertyPermission "START", "read"; 48 permission java.util.PropertyPermission "STOP.PORT", "read"; 49 permission java.util.PropertyPermission "STOP.KEY", "read"; 50 permission java.util.PropertyPermission "org.eclipse.jetty.util.log.IGNORED", "read"; 51 permission java.util.PropertyPermission "CLASSPATH", "read"; 52 permission java.util.PropertyPermission "OPTIONS", "read"; 53 permission java.util.PropertyPermission "JETTY_NO_SHUTDOWN_HOOK", "read"; 54 permission java.util.PropertyPermission "ISO_8859_1", "read"; 55 permission java.util.PropertyPermission "jetty.home", "read, write"; 56 57 permission java.util.PropertyPermission "user.home", "read"; 58 permission java.util.PropertyPermission "user.dir", "read"; 59 60 61 permission java.util.PropertyPermission "jetty.class.path", "read, write"; 62 permission java.util.PropertyPermission "java.class.path", "read, write"; 63 64 permission java.util.PropertyPermission "jetty.lib", "read"; 65 permission java.util.PropertyPermission "jetty.server", "read"; 66 permission java.util.PropertyPermission "jetty.host", "read"; 67 permission java.util.PropertyPermission "jetty.port", "read"; 68 69 permission java.util.PropertyPermission "org.eclipse.jetty.util.log.stderr.class", "read"; 70 71 permission java.util.PropertyPermission "org.eclipse.jetty.util.URI.charset", "read"; 72 73 permission java.util.PropertyPermission "org.eclipse.jetty.util.FileResource.checkAliases", "read"; 74 75 permission java.util.PropertyPermission "org.eclipse.jetty.xml.XmlParser.Validating", "read"; 76 77 permission java.util.PropertyPermission "org.eclipse.jetty.io.nio.JVMBUG_THRESHHOLD", "read, write"; 78 79 permission java.util.PropertyPermission "org.eclipse.jetty.util.TypeUtil.IntegerCacheSize", "read, write"; 80 81 permission java.util.PropertyPermission "org.eclipse.jetty.util.TypeUtil.LongCacheSize", "read"; 82 83 permission java.util.PropertyPermission "org.eclipse.jetty.io.AbstractBuffer.boundsChecking", "read"; 84 85 // provides access to webapps 86 permission java.io.FilePermission "${jetty.home}${/}webapps${/}-", "read"; // Ought to go up a specific codebase 87 88 89 // Allows any thread to stop itself using the java.lang.Thread.stop() 90 // method that takes no argument. 91 permission java.lang.RuntimePermission "stopThread"; 92 93 // jsp support 94 permission java.net.SocketPermission "java.sun.com:80", "connect,resolve"; 95 96};