J. Duke | 319a3b9 | 2007-12-01 00:00:00 +0000 | [diff] [blame^] | 1 | /* |
| 2 | * security policy used by the test process |
| 3 | */ |
| 4 | |
| 5 | grant codeBase "file:${java.home}/lib/ext/*" { |
| 6 | permission java.security.AllPermission; |
| 7 | }; |
| 8 | |
| 9 | grant { |
| 10 | // need to move some classes out of the tests classpath; specific to this test |
| 11 | permission java.io.FilePermission "${test.classes}", "read,write,delete"; |
| 12 | permission java.io.FilePermission "${test.classes}${/}-", "read,write,delete"; |
| 13 | |
| 14 | // need to load custom security manager and activation group from a new codebase |
| 15 | permission java.io.FilePermission ".${/}codebase1", "read,write,delete"; |
| 16 | permission java.io.FilePermission ".${/}codebase1${/}-", "read,write"; |
| 17 | permission java.io.FilePermission ".${/}codebase2", "read,write,delete"; |
| 18 | permission java.io.FilePermission ".${/}codebase2${/}-", "read,write,delete"; |
| 19 | |
| 20 | // standard activation permissions |
| 21 | permission java.io.FilePermission "..${/}..${/}test.props", "read"; |
| 22 | |
| 23 | // test needs to cleanup rmid's log. |
| 24 | permission java.io.FilePermission ".${/}log", "read,write,delete"; |
| 25 | permission java.io.FilePermission ".${/}log${/}-", "read,write,delete"; |
| 26 | |
| 27 | // test needs to use java to exec an rmid |
| 28 | permission java.io.FilePermission "${java.home}${/}bin${/}java", "execute"; |
| 29 | |
| 30 | // test rmid uses these properties to propagate security values to rmid |
| 31 | permission java.util.PropertyPermission "java.security.policy", "read"; |
| 32 | permission java.util.PropertyPermission "java.security.manager", "read"; |
| 33 | |
| 34 | // used by TestLibrary to determine test environment |
| 35 | permission java.util.PropertyPermission "test.classes", "read"; |
| 36 | permission java.util.PropertyPermission "test.src", "read"; |
| 37 | permission java.util.PropertyPermission "user.dir", "read"; |
| 38 | permission java.util.PropertyPermission "java.home", "read"; |
| 39 | |
| 40 | // allow exporting of remote objects on an arbitrary port. |
| 41 | permission java.net.SocketPermission "*:1024-", "connect,accept,listen"; |
| 42 | }; |