diff options
Diffstat (limited to 'base/common/shared/conf/pki.policy')
-rw-r--r-- | base/common/shared/conf/pki.policy | 188 |
1 files changed, 188 insertions, 0 deletions
diff --git a/base/common/shared/conf/pki.policy b/base/common/shared/conf/pki.policy new file mode 100644 index 000000000..d26598671 --- /dev/null +++ b/base/common/shared/conf/pki.policy @@ -0,0 +1,188 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// Copyright (C) 2012 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- + +// ============================================================================ +// pki.policy - Default Security Policy Permissions for PKI on Tomcat 7 +// +// This file contains a default set of security policies for PKI running inside +// Tomcat 7. +// ============================================================================ + +grant codeBase "file:${catalina.home}/bin/tomcat-juli.jar" { + permission java.lang.RuntimePermission "accessClassInPackage.sun.util.logging.resources"; +}; + +grant codeBase "file:${catalina.base}/bin/bootstrap.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:${catalina.base}/lib/-" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/lib/java/jss4.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/lib64/java/jss4.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/share/java/commons-codec.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/share/java/apache-commons-collections.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/share/java/apache-commons-lang.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/share/java/apache-commons-logging.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/share/java/ecj.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/share/java/eclipse/-" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/share/java/glassfish-jsp.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/share/java/httpcomponents/httpclient.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/share/java/httpcomponents/httpcore.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/share/java/javassist.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/share/java/jaxb-api.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/share/java/jaxme/jaxmeapi.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/share/java/jaxp_parser_impl.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/share/java/jboss-web.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/share/java/jettison.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/share/java/ldapjdk.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/share/java/log4j.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/share/java/resteasy/jaxrs-api.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/share/java/resteasy/resteasy-atom-provider.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/share/java/resteasy/resteasy-jaxb-provider.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/share/java/resteasy/resteasy-jaxrs.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/share/java/resteasy/resteasy-jettison-provider.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/share/java/scannotation.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/share/java/servlet.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/share/java/tomcat/-" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/share/java/tomcat7jss.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/share/java/tomcat-el-api.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/share/java/tomcat-servlet-api.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/share/java/velocity.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/share/java/xerces-j2.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/share/java/xml-commons-apis.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/share/java/xml-commons-resolver.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/share/java/pki/-" { + permission java.security.AllPermission; +}; + +grant codeBase "file:${catalina.base}/webapps/pki/-" { + permission java.security.AllPermission; +}; + +grant codeBase "file:${catalina.base}/webapps/ca/-" { + permission java.security.AllPermission; +}; + +grant codeBase "file:${catalina.base}/webapps/kra/-" { + permission java.security.AllPermission; +}; + +grant codeBase "file:${catalina.base}/webapps/ocsp/-" { + permission java.security.AllPermission; +}; + +grant codeBase "file:${catalina.base}/webapps/tks/-" { + permission java.security.AllPermission; +}; + +grant codeBase "file:${catalina.base}/webapps/ROOT/-" { + permission java.security.AllPermission; +}; + |