summaryrefslogtreecommitdiffstats
path: root/base/common/shared/conf/pki.policy
diff options
context:
space:
mode:
Diffstat (limited to 'base/common/shared/conf/pki.policy')
-rw-r--r--base/common/shared/conf/pki.policy188
1 files changed, 188 insertions, 0 deletions
diff --git a/base/common/shared/conf/pki.policy b/base/common/shared/conf/pki.policy
new file mode 100644
index 000000000..d26598671
--- /dev/null
+++ b/base/common/shared/conf/pki.policy
@@ -0,0 +1,188 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// Copyright (C) 2012 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+
+// ============================================================================
+// pki.policy - Default Security Policy Permissions for PKI on Tomcat 7
+//
+// This file contains a default set of security policies for PKI running inside
+// Tomcat 7.
+// ============================================================================
+
+grant codeBase "file:${catalina.home}/bin/tomcat-juli.jar" {
+ permission java.lang.RuntimePermission "accessClassInPackage.sun.util.logging.resources";
+};
+
+grant codeBase "file:${catalina.base}/bin/bootstrap.jar" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:${catalina.base}/lib/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:/usr/lib/java/jss4.jar" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:/usr/lib64/java/jss4.jar" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:/usr/share/java/commons-codec.jar" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:/usr/share/java/apache-commons-collections.jar" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:/usr/share/java/apache-commons-lang.jar" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:/usr/share/java/apache-commons-logging.jar" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:/usr/share/java/ecj.jar" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:/usr/share/java/eclipse/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:/usr/share/java/glassfish-jsp.jar" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:/usr/share/java/httpcomponents/httpclient.jar" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:/usr/share/java/httpcomponents/httpcore.jar" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:/usr/share/java/javassist.jar" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:/usr/share/java/jaxb-api.jar" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:/usr/share/java/jaxme/jaxmeapi.jar" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:/usr/share/java/jaxp_parser_impl.jar" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:/usr/share/java/jboss-web.jar" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:/usr/share/java/jettison.jar" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:/usr/share/java/ldapjdk.jar" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:/usr/share/java/log4j.jar" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:/usr/share/java/resteasy/jaxrs-api.jar" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:/usr/share/java/resteasy/resteasy-atom-provider.jar" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:/usr/share/java/resteasy/resteasy-jaxb-provider.jar" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:/usr/share/java/resteasy/resteasy-jaxrs.jar" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:/usr/share/java/resteasy/resteasy-jettison-provider.jar" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:/usr/share/java/scannotation.jar" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:/usr/share/java/servlet.jar" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:/usr/share/java/tomcat/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:/usr/share/java/tomcat7jss.jar" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:/usr/share/java/tomcat-el-api.jar" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:/usr/share/java/tomcat-servlet-api.jar" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:/usr/share/java/velocity.jar" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:/usr/share/java/xerces-j2.jar" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:/usr/share/java/xml-commons-apis.jar" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:/usr/share/java/xml-commons-resolver.jar" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:/usr/share/java/pki/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:${catalina.base}/webapps/pki/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:${catalina.base}/webapps/ca/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:${catalina.base}/webapps/kra/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:${catalina.base}/webapps/ocsp/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:${catalina.base}/webapps/tks/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:${catalina.base}/webapps/ROOT/-" {
+ permission java.security.AllPermission;
+};
+