Google Git
Sign in
apache / derby / 9ae3e17b15061da904f3e3d0315afd5edc9446fe / . / java / org.apache.derby.server / org / apache / derby / drda / server.policy
blob: d2857216196b612154acebc7a86e0917e6bf0b33 [file] [log] [blame]
//
// Licensed to the Apache Software Foundation (ASF) under one or more
// contributor license agreements. See the NOTICE file distributed with
// this work for additional information regarding copyright ownership.
// The ASF licenses this file to You under the Apache License, Version 2.0
// (the "License"); you may not use this file except in compliance with
// the License. You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
grant codeBase "${derby.install.url}derby.jar"
{
// These permissions are needed for everyday, embedded Derby usage.
//
permission java.lang.RuntimePermission "createClassLoader";
permission java.util.PropertyPermission "derby.*", "read";
permission java.util.PropertyPermission "user.dir", "read";
permission org.apache.derby.shared.common.security.SystemPermission "engine", "usederbyinternals";
// The next two properties are used to determine if the VM is 32 or 64 bit.
//
permission java.util.PropertyPermission "sun.arch.data.model", "read";
permission java.util.PropertyPermission "os.arch", "read";
permission java.io.FilePermission "${derby.system.home}","read";
permission java.io.FilePermission "${derby.system.home}${/}-",
"read,write,delete";
// Needed by sysinfo. A file permission is needed to check the existence of
// jars on the classpath. You can limit this permission to just the locations
// which hold your jar files. This block is reproduced for all codebases
// which include the sysinfo classes--the policy file syntax does not let you
// grant permissions to several codebases all at once.
//
permission java.util.PropertyPermission "user.*", "read";
permission java.util.PropertyPermission "java.home", "read";
permission java.util.PropertyPermission "java.class.path", "read";
permission java.util.PropertyPermission "java.runtime.version", "read";
permission java.util.PropertyPermission "java.fullversion", "read";
permission java.lang.RuntimePermission "getProtectionDomain";
permission java.io.FilePermission "java.runtime.version", "read";
permission java.io.FilePermission "java.fullversion", "read";
permission java.io.FilePermission "${derby.install.path}${/}-", "read";
// Permissions needed for JMX based management and monitoring.
//
// Allows this code to create an MBeanServer:
//
permission javax.management.MBeanServerPermission "createMBeanServer";
// Allows access to Derby's built-in MBeans, within the domain
// org.apache.derby. Derby must be allowed to register and unregister these
// MBeans. To fine tune this permission, see the javadoc of
// javax.management.MBeanPermission or the JMX Instrumentation and Agent
// Specification.
//
permission javax.management.MBeanPermission
"org.apache.derby.*#[org.apache.derby:*]",
"registerMBean,unregisterMBean";
// Trusts Derby code to be a source of MBeans and to register these in the
// MBean server.
//
permission javax.management.MBeanTrustPermission "register";
// Gives permission for jmx to be used against Derby but only if JMX
// authentication is not being used. In that case the application would need
// to create a whole set of fine-grained permissions to allow specific users
// access to MBeans and actions they perform.
//
permission org.apache.derby.shared.common.security.SystemPermission "jmx", "control";
permission org.apache.derby.shared.common.security.SystemPermission "engine", "monitor";
permission org.apache.derby.shared.common.security.SystemPermission "server", "monitor";
// getProtectionDomain is an optional permission needed for printing
// classpath information to derby.log
//
permission java.lang.RuntimePermission "getProtectionDomain";
// The following permission must be granted for Connection.abort(Executor) to
// work. Note that this permission must also be granted to outer
// (application) code domains.
//
permission java.sql.SQLPermission "callAbort";
// Needed by FileUtil#limitAccessToOwner
//
permission java.lang.RuntimePermission "accessUserInformation";
permission java.lang.RuntimePermission "getFileStoreAttributes";
};
//
// Permissions for shared code (derbyshared.jar)
//
grant codeBase "${derby.install.url}derbyshared.jar" {
permission java.util.PropertyPermission "jdk.module.path", "read";
//
// Permissions needed for JMX based management and monitoring, which is only
// available for JVMs supporting "platform management", that is J2SE 5.0 or better.
//
// Gives permission for jmx to be used against Derby but
// only if JMX authentication is not being used.
// In that case the application would need to create
// a whole set of fine-grained permissions to allow specific
// users access to MBeans and actions they perform.
permission org.apache.derby.shared.common.security.SystemPermission "engine", "monitor";
permission org.apache.derby.shared.common.security.SystemPermission "server", "monitor";
};
grant codeBase "${derby.install.url}derbynet.jar"
{
// These permissions lets the Network Server manage connections from clients.
// Accept connections from any host. Derby is listening to the host interface
// specified via the -h option to "NetworkServerControl start" on the command
// line, via the address parameter to the
// org.apache.derby.drda.NetworkServerControl constructor in the API or via
// the property derby.drda.host; the default is localhost. You may want to
// restrict allowed hosts, e.g. to hosts in a specific subdomain,
// e.g. "*.example.com".
//
permission java.net.SocketPermission "*", "accept";
// Allow the server to listen to the socket on the port specified with the
// -p option to "NetworkServerControl start" on the command line, or with
// the portNumber parameter to the NetworkServerControl constructor in the
// API, or with the property derby.drda.portNumber. The default is 1527.
permission java.net.SocketPermission "localhost:${derby.security.port}",
"listen";
// Needed for server tracing.
//
permission java.io.FilePermission "${derby.drda.traceDirectory}${/}-",
"read,write,delete";
// Needed by FileUtil#limitAccessToOwner
//
permission java.lang.RuntimePermission "accessUserInformation";
permission java.lang.RuntimePermission "getFileStoreAttributes";
// Needed for NetworkServerMBean access (see JMX section above)
//
permission org.apache.derby.shared.common.security.SystemPermission "server",
"control,monitor";
permission org.apache.derby.shared.common.security.SystemPermission "engine", "usederbyinternals";
// Needed by sysinfo. A file permission is needed to check the existence of
// jars on the classpath. You can limit this permission to just the locations
// which hold your jar files. This block is reproduced for all codebases
// which include the sysinfo classes--the policy file syntax does not let you
// grant permissions to several codebases all at once.
//
permission java.util.PropertyPermission "user.*", "read";
permission java.util.PropertyPermission "java.home", "read";
permission java.util.PropertyPermission "java.class.path", "read";
permission java.util.PropertyPermission "java.runtime.version", "read";
permission java.util.PropertyPermission "java.fullversion", "read";
permission java.lang.RuntimePermission "getProtectionDomain";
permission java.io.FilePermission "java.runtime.version", "read";
permission java.io.FilePermission "java.fullversion", "read";
permission java.io.FilePermission "${derby.install.path}${/}-", "read";
};
grant codeBase "${derby.install.url}derbytools.jar"
{
// Needed by sysinfo. A file permission is needed to check the existence of
// jars on the classpath. You can limit this permission to just the locations
// which hold your jar files. This block is for all codebases which include
// the sysinfo classes--the policy file syntax does not let you grant
// permissions to several codebases all at once.
//
permission java.util.PropertyPermission "user.*", "read";
permission java.util.PropertyPermission "java.home", "read";
permission java.util.PropertyPermission "java.class.path", "read";
permission java.util.PropertyPermission "java.runtime.version", "read";
permission java.util.PropertyPermission "java.fullversion", "read";
permission java.lang.RuntimePermission "getProtectionDomain";
permission java.io.FilePermission "<<ALL FILES>>", "read";
permission java.io.FilePermission "java.runtime.version", "read";
permission java.io.FilePermission "java.fullversion", "read";
permission org.apache.derby.shared.common.security.SystemPermission "engine", "usederbyinternals";
};
grant codeBase "${derby.install.url}derbyclient.jar"
{
// Needed by sysinfo. A file permission is needed to check the existence of
// jars on the classpath. You can limit this permission to just the locations
// which hold your jar files. This block is reproduced for all codebases
// which include the sysinfo classes--the policy file syntax does not let you
// grant permissions to several codebases all at once.
//
permission java.util.PropertyPermission "user.*", "read";
permission java.util.PropertyPermission "java.home", "read";
permission java.util.PropertyPermission "java.class.path", "read";
permission java.util.PropertyPermission "java.runtime.version", "read";
permission java.util.PropertyPermission "java.fullversion", "read";
permission java.lang.RuntimePermission "getProtectionDomain";
permission java.io.FilePermission "${derby.install.path}${/}-", "read";
// The following permission must be granted for Connection.abort(Executor) to
// work. Note that this permission must also be granted to outer
// (application) code domains.
//
permission java.sql.SQLPermission "callAbort";
};