Granting permissions to rt.jar

Question

We are not using the default Java security policy because it permits things we want to prohibit. So we have our own policy file which generally doesn't allow reading from anywhere...

But this means that rt.jar itself can't read from files when it needs to, which is bad.

So I added the following rules:

grant codeBase "file:${java.home}/lib/rt.jar" {
  permission java.security.AllPermission;
};
grant codeBase "file:${java.home}/jre/lib/rt.jar" {
  permission java.security.AllPermission;
};

I wasn't sure if java.home would be to the JDK or the JRE, so I set both. But when I run my tests, I still get a security exception when rt.jar is trying to read from files.

Obviously I'm doing something wrong, so I'm hoping that someone else can spot my typo.

I have tried:

• Adding / after file:
• Adding jar: before file: and !/- after .jar

Answer 1

I don't think you can remove permissions from system classes ( null ClassLoader and null ProtectionDomain , so no CodeSource ).

I guess you are misunderstanding the Java 2 Security Model (easily done as no one really understands it). The security checking is done (except for a few select methods) by checking through all the frames in the stack (roughly speaking). Each frame tested must have the permission. If there's just one frame down the stack somewhere that doesn't have the permission, then the check fails.

(You could have a SecurityManager that always refused certain permissions before consulting AccessController .)