jdk/test/javax/management/security/java.policy.authorization - edge/openjdk - Git at Google

 // Standard extensions get all permissions by default

 grant codeBase "file:${java.home}/lib/ext/*" {
 	permission java.security.AllPermission;
 };

 // default permissions granted to all domains
 grant {
 	// Allows any thread to stop itself using the java.lang.Thread.stop()
 	// method that takes no argument.
 	// Note that this permission is granted by default only to remain
 	// backwards compatible.
 	// It is strongly recommended that you either remove this permission
 	// from this policy file or further restrict it to code sources
 	// that you specify, because Thread.stop() is potentially unsafe.
 	// See "http://java.sun.com/notes" for more information.
 	permission java.lang.RuntimePermission "stopThread";

 	// allows anyone to listen on un-privileged ports
 	permission java.net.SocketPermission "localhost:1024-", "listen";

 	// "standard" properies that can be read by anyone

 	permission java.util.PropertyPermission "java.version", "read";
 	permission java.util.PropertyPermission "java.vendor", "read";
 	permission java.util.PropertyPermission "java.vendor.url", "read";
 	permission java.util.PropertyPermission "java.class.version", "read";
 	permission java.util.PropertyPermission "os.name", "read";
 	permission java.util.PropertyPermission "os.version", "read";
 	permission java.util.PropertyPermission "os.arch", "read";
 	permission java.util.PropertyPermission "file.separator", "read";
 	permission java.util.PropertyPermission "path.separator", "read";
 	permission java.util.PropertyPermission "line.separator", "read";

 	permission java.util.PropertyPermission "java.specification.version", "read";
 	permission java.util.PropertyPermission "java.specification.vendor", "read";
 	permission java.util.PropertyPermission "java.specification.name", "read";

 	permission java.util.PropertyPermission "java.vm.specification.version", "read";
 	permission java.util.PropertyPermission "java.vm.specification.vendor", "read";
 	permission java.util.PropertyPermission "java.vm.specification.name", "read";
 	permission java.util.PropertyPermission "java.vm.version", "read";
 	permission java.util.PropertyPermission "java.vm.vendor", "read";
 	permission java.util.PropertyPermission "java.vm.name", "read";

        permission java.io.FilePermission "*","read,write";

 };

 grant codeBase "file:/-" {
 	permission java.security.AllPermission;
        permission java.io.FilePermission "*","read,write";
 };

 grant principal javax.management.remote.JMXPrincipal "SQE_username" {
     permission javax.management.MBeanServerPermission "*";
     permission javax.management.MBeanPermission "Simple", "instantiate";
     permission javax.management.MBeanPermission "Simple", "registerMBean";
 };

 grant principal javax.management.remote.JMXPrincipal "username1" {
     //
     // JMXPrincipals "username1" has all permissions.
     //
     permission java.security.AllPermission;
 };

 grant principal javax.management.remote.JMXPrincipal "username2" {
     //
     // JMXPrincipals "username2" has all permissions.
     //
     permission java.security.AllPermission;
 };

 grant principal javax.management.remote.JMXPrincipal "username3" {
     //
     // JMXPrincipals "username3" has some permissions.
     //
     permission javax.management.MBeanPermission "Simple", "instantiate";
     permission javax.management.MBeanPermission "Simple", "registerMBean";
     permission javax.management.MBeanPermission "Simple", "setAttribute";
     permission javax.management.MBeanPermission "Simple", "invoke";
 };

 grant principal javax.management.remote.JMXPrincipal "username4" {
     //
     // JMXPrincipals "username4" has all permissions.
     //
     permission javax.management.MBeanPermission "Simple", "instantiate";
     permission javax.management.MBeanPermission "Simple", "registerMBean";
     permission javax.management.MBeanPermission "Simple", "invoke";
 };

 grant principal javax.management.remote.JMXPrincipal "username5" {
     //
     // JMXPrincipals "username5" has no permissions.
     //
 };
	// Standard extensions get all permissions by default

	grant codeBase "file:${java.home}/lib/ext/*" {
	permission java.security.AllPermission;
	};

	// default permissions granted to all domains
	grant {
	// Allows any thread to stop itself using the java.lang.Thread.stop()
	// method that takes no argument.
	// Note that this permission is granted by default only to remain
	// backwards compatible.
	// It is strongly recommended that you either remove this permission
	// from this policy file or further restrict it to code sources
	// that you specify, because Thread.stop() is potentially unsafe.
	// See "http://java.sun.com/notes" for more information.
	permission java.lang.RuntimePermission "stopThread";

	// allows anyone to listen on un-privileged ports
	permission java.net.SocketPermission "localhost:1024-", "listen";

	// "standard" properies that can be read by anyone

	permission java.util.PropertyPermission "java.version", "read";
	permission java.util.PropertyPermission "java.vendor", "read";
	permission java.util.PropertyPermission "java.vendor.url", "read";
	permission java.util.PropertyPermission "java.class.version", "read";
	permission java.util.PropertyPermission "os.name", "read";
	permission java.util.PropertyPermission "os.version", "read";
	permission java.util.PropertyPermission "os.arch", "read";
	permission java.util.PropertyPermission "file.separator", "read";
	permission java.util.PropertyPermission "path.separator", "read";
	permission java.util.PropertyPermission "line.separator", "read";

	permission java.util.PropertyPermission "java.specification.version", "read";
	permission java.util.PropertyPermission "java.specification.vendor", "read";
	permission java.util.PropertyPermission "java.specification.name", "read";

	permission java.util.PropertyPermission "java.vm.specification.version", "read";
	permission java.util.PropertyPermission "java.vm.specification.vendor", "read";
	permission java.util.PropertyPermission "java.vm.specification.name", "read";
	permission java.util.PropertyPermission "java.vm.version", "read";
	permission java.util.PropertyPermission "java.vm.vendor", "read";
	permission java.util.PropertyPermission "java.vm.name", "read";

	permission java.io.FilePermission "*","read,write";

	};

	grant codeBase "file:/-" {
	permission java.security.AllPermission;
	permission java.io.FilePermission "*","read,write";
	};

	grant principal javax.management.remote.JMXPrincipal "SQE_username" {
	permission javax.management.MBeanServerPermission "*";
	permission javax.management.MBeanPermission "Simple", "instantiate";
	permission javax.management.MBeanPermission "Simple", "registerMBean";
	};

	grant principal javax.management.remote.JMXPrincipal "username1" {
	//
	// JMXPrincipals "username1" has all permissions.
	//
	permission java.security.AllPermission;
	};

	grant principal javax.management.remote.JMXPrincipal "username2" {
	//
	// JMXPrincipals "username2" has all permissions.
	//
	permission java.security.AllPermission;
	};

	grant principal javax.management.remote.JMXPrincipal "username3" {
	//
	// JMXPrincipals "username3" has some permissions.
	//
	permission javax.management.MBeanPermission "Simple", "instantiate";
	permission javax.management.MBeanPermission "Simple", "registerMBean";
	permission javax.management.MBeanPermission "Simple", "setAttribute";
	permission javax.management.MBeanPermission "Simple", "invoke";
	};

	grant principal javax.management.remote.JMXPrincipal "username4" {
	//
	// JMXPrincipals "username4" has all permissions.
	//
	permission javax.management.MBeanPermission "Simple", "instantiate";
	permission javax.management.MBeanPermission "Simple", "registerMBean";
	permission javax.management.MBeanPermission "Simple", "invoke";
	};

	grant principal javax.management.remote.JMXPrincipal "username5" {
	//
	// JMXPrincipals "username5" has no permissions.
	//
	};