• Home
• io.snappydata
• snappydata-store-core
• 1.6.3
• source code
• server.policy

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

com.pivotal.gemfirexd.internal.drda.server.policy Maven / Gradle / Ivy

//
//   Licensed to the Apache Software Foundation (ASF) under one or more
//   contributor license agreements.  See the NOTICE file distributed with
//   this work for additional information regarding copyright ownership.
//   The ASF licenses this file to You under the Apache License, Version 2.0
//   (the "License"); you may not use this file except in compliance with
//   the License.  You may obtain a copy of the License at
//
//      http://www.apache.org/licenses/LICENSE-2.0
//
//   Unless required by applicable law or agreed to in writing, software
//   distributed under the License is distributed on an "AS IS" BASIS,
//   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
//   See the License for the specific language governing permissions and
//   limitations under the License.
//

grant codeBase "${gemfirexd.install.url}gemfirexd.jar"
{
//
// These permissions are needed for everyday, embedded Derby usage.
//
  permission java.lang.RuntimePermission "createClassLoader";
  permission java.util.PropertyPermission "gemfirexd.*", "read";
  permission java.util.PropertyPermission "user.dir", "read";
  permission java.util.PropertyPermission "gemfirexd.storage.jvmInstanceId", 
      "write"; 
  permission java.io.FilePermission "${gemfirexd.system.home}","read";
  permission java.io.FilePermission "${gemfirexd.system.home}${/}-", "read,write,delete";

//
// This permission lets you backup and restore databases
// to and from arbitrary locations in your file system.
//
// This permission also lets you import/export data to and from
// arbitrary locations in your file system.
//
// You may want to restrict this access to specific directories.
//
  permission java.io.FilePermission "<>", "read,write,delete";

//
// Needed by sysinfo. The file permission is needed to
// check the existence of jars on the classpath. You can
// limit this permission to just the locations which hold
// your jar files. This block is reproduced for all codebases
// which include the sysinfo classes--the policy file syntax
// does not let you grant permissions to several codebases
// all at once.
//
  permission java.util.PropertyPermission "user.*", "read";
  permission java.util.PropertyPermission "java.home", "read";
  permission java.util.PropertyPermission "java.class.path", "read";
  permission java.lang.RuntimePermission "getProtectionDomain";
  permission java.io.FilePermission "<>", "read";

//
// Permissions needed for JMX based management and monitoring, which is only
// available for JVMs supporting "platform management", that is J2SE 5.0 or better.
//
// Allows this code to create an MBeanServer:
//
  permission javax.management.MBeanServerPermission "createMBeanServer";
//
// Allows access to Derby's built-in MBeans, within the domain com.pivotal.gemfirexd.internal.
// Derby must be allowed to register and unregister these MBeans.
// To fine tune this permission, see the javadoc of javax.management.MBeanPermission
// or the JMX Instrumentation and Agent Specification.
//
  permission javax.management.MBeanPermission "com.pivotal.gemfirexd.internal.*#[com.pivotal.gemfirexd.internal:*]","registerMBean,unregisterMBean";
//
// Trusts Derby code to be a source of MBeans and to register these in the MBean server.
//
  permission javax.management.MBeanTrustPermission "register";
  
  // Gives permission for jmx to be used against Derby but
  // only if JMX authentication is not being used.
  // In that case the application would need to create
  // a whole set of fine-grained permissions to allow specific
  // users access to MBeans and actions they perform.
  permission com.pivotal.gemfirexd.internal.security.SystemPermission "jmx", "control";
  permission com.pivotal.gemfirexd.internal.security.SystemPermission "engine", "monitor";
  permission com.pivotal.gemfirexd.internal.security.SystemPermission "server", "monitor";

//};

//grant codeBase "${gemfirexd.install.url}gemfirexd.jar"
//{
//
// This permission lets the Network Server manage connections from clients.
//

// Accept connections from any host. Derby is listening to the host
// interface specified via the -h option to "NetworkServerControl
// start" on the command line, via the address parameter to the
// com.pivotal.gemfirexd.internal.drda.NetworkServerControl constructor in the API
// or via the property gemfirexd.drda.host; the default is localhost.
// You may want to restrict allowed hosts, e.g. to hosts in a specific
// subdomain, e.g. "*.acme.com".

  permission java.net.SocketPermission "*", "accept"; 

//
// Needed for server tracing.
//
  permission java.io.FilePermission "${gemfirexd.drda.traceDirectory}${/}-", "read,write,delete";
  
  // Needed for NetworkServerMBean access (see JMX section above)
  permission com.pivotal.gemfirexd.internal.security.SystemPermission "server", "control,monitor";

//
// Needed by sysinfo. The file permission is needed to
// check the existence of jars on the classpath. You can
// limit this permission to just the locations which hold
// your jar files. This block is reproduced for all codebases
// which include the sysinfo classes--the policy file syntax
// does not let you grant permissions to several codebases
// all at once.
//
  permission java.util.PropertyPermission "user.*", "read";
  permission java.util.PropertyPermission "java.home", "read";
  permission java.util.PropertyPermission "java.class.path", "read";
  permission java.lang.RuntimePermission "getProtectionDomain";
  permission java.io.FilePermission "<>", "read";
};


grant codeBase "${gemfirexd.install.url}gemfirexd-tools.jar"
{
//
// Needed by sysinfo. The file permission is needed to
// check the existence of jars on the classpath. You can
// limit this permission to just the locations which hold
// your jar files. This block is for all codebases
// which include the sysinfo classes--the policy file syntax
// does not let you grant permissions to several codebases
// all at once.
//
  permission java.util.PropertyPermission "user.*", "read";
  permission java.util.PropertyPermission "java.home", "read";
  permission java.util.PropertyPermission "java.class.path", "read";
  permission java.lang.RuntimePermission "getProtectionDomain";
  permission java.io.FilePermission "<>", "read";
};

grant codeBase "${gemfirexd.install.url}gemfirexd-client.jar"
{
//
// Needed by sysinfo. The file permission is needed to
// check the existence of jars on the classpath. You can
// limit this permission to just the locations which hold
// your jar files. This block is reproduced for all codebases
// which include the sysinfo classes--the policy file syntax
// does not let you grant permissions to several codebases
// all at once.
//
  permission java.util.PropertyPermission "user.*", "read";
  permission java.util.PropertyPermission "java.home", "read";
  permission java.util.PropertyPermission "java.class.path", "read";
  permission java.lang.RuntimePermission "getProtectionDomain";
  permission java.io.FilePermission "<>", "read";
};