Google Git
Sign in
apache / derby / 08cc0f89fe077234078430bf9b93ebc9dfd70ac5 / . / java / testing / org / apache / derbyTesting / functionTests / tests / lang / SecurityPolicyReloadingTest.modified.policy
blob: a7a2dca6d88d4f343e0b61e0c6d40e7e6de26850 [file] [log] [blame]
//
// * Derby - Class org.apache.derbyTesting.functionTests.tests.lang.SimpleTest
// *
// * Licensed to the Apache Software Foundation (ASF) under one
// * or more contributor license agreements. See the NOTICE file
// * distributed with this work for additional information
// * regarding copyright ownership. The ASF licenses this file
// * to you under the Apache License, Version 2.0 (the
// * "License"); you may not use this file except in compliance
// * with the License. You may obtain a copy of the License at
// *
// * http://www.apache.org/licenses/LICENSE-2.0
// *
// * Unless required by applicable law or agreed to in writing,
// * software distributed under the License is distributed on an
// * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
// * KIND, either express or implied. See the License for the
// * specific language governing permissions and limitations
// * under the License.
// *
grant codeBase "${derbyTesting.codejar}derby.jar"
{
//
// These permissions are needed for everyday, embedded Derby usage.
//
permission java.lang.RuntimePermission "createClassLoader";
permission java.util.PropertyPermission "derby.*", "read";
permission java.util.PropertyPermission "derby.storage.jvmInstanceId",
"write";
permission java.io.FilePermission "${derby.system.home}","read";
permission java.io.FilePermission "${derby.system.home}${/}-", "read,write,delete";
permission org.apache.derby.security.SystemPermission "engine", "usederbyinternals";
// getProtectionDomain is an optional permission needed for printing classpath
// information to derby.log
permission java.lang.RuntimePermission "getProtectionDomain";
//
// This permission lets a DBA reload this policy file while the server
// is still running.
//
permission java.security.SecurityPermission "getPolicy";
//
// This permission lets you backup and restore databases
// to and from arbitrary locations in your file system.
//
// This permission also lets you import/export data to and from
// arbitrary locations in your file system.
//
// You may want to restrict this access to specific directories.
//
permission java.io.FilePermission "<<ALL FILES>>", "read,write,delete";
// Needed by FileUtil#limitAccessToOwner
permission java.lang.RuntimePermission "accessUserInformation";
permission java.lang.RuntimePermission "getFileStoreAttributes";
};
grant codeBase "${derbyTesting.codejar}derbynet.jar"
{
//
// This permission lets the Network Server manage connections from clients.
//
permission java.net.SocketPermission "${derbyTesting.serverhost}:*", "accept, connect, resolve";
permission java.net.SocketPermission "localhost:*", "accept, connect, resolve";
permission org.apache.derby.security.SystemPermission "engine", "usederbyinternals";
};
grant codeBase "${derbyTesting.testjar}derbyTesting.jar"
{
// Don't allow all properties to be read
permission java.util.PropertyPermission "derby.*", "read,write";
// Access all files
permission java.io.FilePermission "<<ALL FILES>>", "read,write,delete";
// When running with useprocess=false need to install and uninstall
// the security manager and allow setIO to change the system err and out
// streams. Currently the nist suite runs with useprocess=false.
permission java.lang.RuntimePermission "setSecurityManager";
permission java.security.SecurityPermission "getPolicy";
permission java.lang.RuntimePermission "setIO";
};