[jboss-cvs] JBoss Messaging SVN: r5776 - trunk/tests/config.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Mon Feb 2 10:04:42 EST 2009
Author: jmesnil
Date: 2009-02-02 10:04:41 -0500 (Mon, 02 Feb 2009)
New Revision: 5776
Modified:
trunk/tests/config/restricted-security-client.policy
Log:
JBMESSAGING-806: Allow JBM client to run in a jnlp (or other) sandbox
* only 2 permissions are mandatory, all the others are optional and can be omitted without any significant loss of functionality (e.g. emulated random generator instead of using /dev/random)
Modified: trunk/tests/config/restricted-security-client.policy
===================================================================
--- trunk/tests/config/restricted-security-client.policy 2009-02-02 14:45:07 UTC (rev 5775)
+++ trunk/tests/config/restricted-security-client.policy 2009-02-02 15:04:41 UTC (rev 5776)
@@ -1,36 +1,7 @@
grant {
// Allow everything for now
//permission java.security.AllPermission;
-
- permission java.util.PropertyPermission "*", "read";
- permission java.util.PropertyPermission "user.timezone", "write";
permission java.lang.RuntimePermission "accessDeclaredMembers";
- permission java.lang.RuntimePermission "modifyThread";
- permission java.lang.RuntimePermission "selectorProvider";
- permission java.lang.RuntimePermission "loadLibrary.net";
- permission java.lang.RuntimePermission "loadLibrary.nio";
- permission java.lang.RuntimePermission "loadLibrary.management";
- permission java.lang.RuntimePermission "accessClassInPackage.sun.security.provider";
- permission java.lang.RuntimePermission "accessClassInPackage.sun.text.resources";
-
- permission java.net.SocketPermission "*", "connect,resolve";
-
- permission java.net.NetPermission "specifyStreamHandler";
-
- permission java.io.FilePermission "/dev/random", "read, write";
- permission java.io.FilePermission "/dev/urandom", "read";
- permission java.io.FilePermission "${user.dir}/-", "read";
- permission java.io.FilePermission "tests/-", "write";
- permission java.io.FilePermission "${java.home}/-", "read";
-
- permission java.security.SecurityPermission "getProperty.networkaddress.cache.*";
- permission java.security.SecurityPermission "getProperty.security.provider.*";
- permission java.security.SecurityPermission "getPolicy";
- permission java.security.SecurityPermission "getProperty.securerandom.source";
- permission java.security.SecurityPermission "putProviderProperty.SUN";
-
- permission java.util.logging.LoggingPermission "control";
-
- permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
+ permission java.net.SocketPermission "*:1024-", "connect";
};
\ No newline at end of file
More information about the jboss-cvs-commits
mailing list