java/testing/org/apache/derbyTesting/functionTests/util/nwsvr.policy - derby - Git at Google

 //
 //   Licensed to the Apache Software Foundation (ASF) under one or more
 //   contributor license agreements.  See the NOTICE file distributed with
 //   this work for additional information regarding copyright ownership.
 //   The ASF licenses this file to You under the Apache License, Version 2.0
 //   (the "License"); you may not use this file except in compliance with
 //   the License.  You may obtain a copy of the License at
 //
 //      http://www.apache.org/licenses/LICENSE-2.0
 //
 //   Unless required by applicable law or agreed to in writing, software
 //   distributed under the License is distributed on an "AS IS" BASIS,
 //   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 //   See the License for the specific language governing permissions and
 //   limitations under the License.
 //

 //Recommended set of permissions to start & use the network server,
 //assuming the '${derby.codebase}${/}-' directory has been secured.
 //Fine tune based on your environment settings
 grant codeBase "file:${csinfo.codebase}/-" {
 permission java.io.FilePermission "${derby.system.home}",
 	"read, write, delete";
 permission java.io.FilePermission "${derby.system.home}${/}-",
  	"read, write, delete";

 permission java.util.PropertyPermission "derby.debug.false", "read, write";
 permission java.util.PropertyPermission "derby.debug.true", "read, write";
 permission java.util.PropertyPermission "derby.*", "read, write";
 permission java.util.PropertyPermission "derby.storage.jvmInstanceId",
       "write";

 permission java.lang.RuntimePermission "createClassLoader";

 // getProectionDomain is an optional permission needed to printing classpath
 // information to derby.log
 permission java.lang.RuntimePermission "getProtectionDomain";

 // These permissions are needed to load the JCE for encryption with JDK131.
 // JDK14 has the JCE  preloaded
 permission java.security.SecurityPermission "createAccessControlContext";
 permission java.security.SecurityPermission "insertProvider.SunJCE";


 // network server permissions
 permission java.net.SocketPermission "127.0.0.1",
  	"accept";
 permission java.net.SocketPermission "localhost",
  	"accept";
 permission java.net.SocketPermission "${csinfo.serverhost}",
  	"accept";
 permission java.net.SocketPermission "${csinfo.trustedhost}",
  	"accept";

 // Just for the debug build. not needed for jars
 permission java.lang.RuntimePermission "accessDeclaredMembers";

 };

 //Required set of permissions to stop the network server, assuming you have
 // secured the '${csinfo.codebase}${/}-' directory
 //Remember to fine tune this as per your environment.
 grant codeBase "file:${csinfo.codebase}/-"  {
 permission java.net.SocketPermission "localhost", "connect, resolve";
  //The following is required if the server is started with the -h option
 //(else shutdown access will be denied)
 permission java.net.SocketPermission "${csinfo.serverhost}",
 	"connect, resolve";
 };


 // These permissions are needed for sysinfo to allow the jars to be looked at
 grant codeBase "file:${csinfo.codebase}/-"  {
  permission java.io.FilePermission "${csinfo.codebase}/derby.jar", "read";
  permission java.io.FilePermission "${csinfo.codebase}/derbynet.jar", "read";
  permission java.io.FilePermission "${csinfo.codebase}/derbyclient.jar", "read";
  permission java.io.FilePermission "${csinfo.codebase}/db2jcc.jar", "read";
  permission java.io.FilePermission "${csinfo.codebase}/db2jcc_license_c.jar", "read";
  permission java.io.FilePermission "${csinfo.codebase}/derbyLocale_de_DE.jar", "read";
  permission java.io.FilePermission "${csinfo.codebase}/derbyLocale_es.jar", "read";
  permission java.io.FilePermission "${csinfo.codebase}/derbyLocale_fr.jar", "read";
  permission java.io.FilePermission "${csinfo.codebase}/derbyLocale_it.jar", "read";
  permission java.io.FilePermission "${csinfo.codebase}/derbyLocale_ja_JP.jar", "read";
  permission java.io.FilePermission "${csinfo.codebase}/derbyLocale_ko_KR.jar", "read";
  permission java.io.FilePermission "${csinfo.codebase}/derbyLocale_pt_BR.jar", "read";
  permission java.io.FilePermission "${csinfo.codebase}/derbyLocale_zh_CN.jar", "read";
  permission java.io.FilePermission "${csinfo.codebase}/derbyLocale_zh_TW.jar", "read";


 };

 // Just for the tests
 grant {
 	// accessDeclaredMembers only needed for debug build
 	permission java.lang.RuntimePermission "accessDeclaredMembers";
 	permission java.util.PropertyPermission "derby.database.mode", "read, write";

 	// need acces to socket for ldap tests
 	permission java.net.SocketPermission "yourldaphost.yourdomain.com",
 	"connect, resolve";

 	// tests like import/export need file write permission
 	permission java.io.FilePermission "${user.dir}${/}-", "read, write, delete";

 	};
	//
	// Licensed to the Apache Software Foundation (ASF) under one or more
	// contributor license agreements. See the NOTICE file distributed with
	// this work for additional information regarding copyright ownership.
	// The ASF licenses this file to You under the Apache License, Version 2.0
	// (the "License"); you may not use this file except in compliance with
	// the License. You may obtain a copy of the License at
	//
	// http://www.apache.org/licenses/LICENSE-2.0
	//
	// Unless required by applicable law or agreed to in writing, software
	// distributed under the License is distributed on an "AS IS" BASIS,
	// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	// See the License for the specific language governing permissions and
	// limitations under the License.
	//

	//Recommended set of permissions to start & use the network server,
	//assuming the '${derby.codebase}${/}-' directory has been secured.
	//Fine tune based on your environment settings
	grant codeBase "file:${csinfo.codebase}/-" {
	permission java.io.FilePermission "${derby.system.home}",
	"read, write, delete";
	permission java.io.FilePermission "${derby.system.home}${/}-",
	"read, write, delete";

	permission java.util.PropertyPermission "derby.debug.false", "read, write";
	permission java.util.PropertyPermission "derby.debug.true", "read, write";
	permission java.util.PropertyPermission "derby.*", "read, write";
	permission java.util.PropertyPermission "derby.storage.jvmInstanceId",
	"write";

	permission java.lang.RuntimePermission "createClassLoader";

	// getProectionDomain is an optional permission needed to printing classpath
	// information to derby.log
	permission java.lang.RuntimePermission "getProtectionDomain";

	// These permissions are needed to load the JCE for encryption with JDK131.
	// JDK14 has the JCE preloaded
	permission java.security.SecurityPermission "createAccessControlContext";
	permission java.security.SecurityPermission "insertProvider.SunJCE";


	// network server permissions
	permission java.net.SocketPermission "127.0.0.1",
	"accept";
	permission java.net.SocketPermission "localhost",
	"accept";
	permission java.net.SocketPermission "${csinfo.serverhost}",
	"accept";
	permission java.net.SocketPermission "${csinfo.trustedhost}",
	"accept";

	// Just for the debug build. not needed for jars
	permission java.lang.RuntimePermission "accessDeclaredMembers";

	};

	//Required set of permissions to stop the network server, assuming you have
	// secured the '${csinfo.codebase}${/}-' directory
	//Remember to fine tune this as per your environment.
	grant codeBase "file:${csinfo.codebase}/-" {
	permission java.net.SocketPermission "localhost", "connect, resolve";
	//The following is required if the server is started with the -h option
	//(else shutdown access will be denied)
	permission java.net.SocketPermission "${csinfo.serverhost}",
	"connect, resolve";
	};


	// These permissions are needed for sysinfo to allow the jars to be looked at
	grant codeBase "file:${csinfo.codebase}/-" {
	permission java.io.FilePermission "${csinfo.codebase}/derby.jar", "read";
	permission java.io.FilePermission "${csinfo.codebase}/derbynet.jar", "read";
	permission java.io.FilePermission "${csinfo.codebase}/derbyclient.jar", "read";
	permission java.io.FilePermission "${csinfo.codebase}/db2jcc.jar", "read";
	permission java.io.FilePermission "${csinfo.codebase}/db2jcc_license_c.jar", "read";
	permission java.io.FilePermission "${csinfo.codebase}/derbyLocale_de_DE.jar", "read";
	permission java.io.FilePermission "${csinfo.codebase}/derbyLocale_es.jar", "read";
	permission java.io.FilePermission "${csinfo.codebase}/derbyLocale_fr.jar", "read";
	permission java.io.FilePermission "${csinfo.codebase}/derbyLocale_it.jar", "read";
	permission java.io.FilePermission "${csinfo.codebase}/derbyLocale_ja_JP.jar", "read";
	permission java.io.FilePermission "${csinfo.codebase}/derbyLocale_ko_KR.jar", "read";
	permission java.io.FilePermission "${csinfo.codebase}/derbyLocale_pt_BR.jar", "read";
	permission java.io.FilePermission "${csinfo.codebase}/derbyLocale_zh_CN.jar", "read";
	permission java.io.FilePermission "${csinfo.codebase}/derbyLocale_zh_TW.jar", "read";


	};

	// Just for the tests
	grant {
	// accessDeclaredMembers only needed for debug build
	permission java.lang.RuntimePermission "accessDeclaredMembers";
	permission java.util.PropertyPermission "derby.database.mode", "read, write";

	// need acces to socket for ldap tests
	permission java.net.SocketPermission "yourldaphost.yourdomain.com",
	"connect, resolve";

	// tests like import/export need file write permission
	permission java.io.FilePermission "${user.dir}${/}-", "read, write, delete";

	};