
/usr/share/pki/server/conf/pki.policy is in pki-server 10.6.0-1ubuntu2.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below.

// --- BEGIN COPYRIGHT BLOCK ---
// Copyright (C) 2012 Red Hat, Inc.
// All rights reserved.
// --- END COPYRIGHT BLOCK ---

// ============================================================================
// pki.policy - Default Security Policy Permissions for PKI on Tomcat
//
// This file contains a default set of security policies for PKI running inside
// Tomcat.
// ============================================================================

// Least-privilege grant for the Tomcat JULI logging jar. Unlike the other
// grants in this file, it enumerates individual permissions instead of
// java.security.AllPermission. As with any policy file, these entries are
// enforced only when the JVM runs with a security manager enabled.
grant codeBase "file:${catalina.home}/bin/tomcat-juli.jar" {
        // Lets JULI load classes from this JDK-internal logging package.
        permission java.lang.RuntimePermission "accessClassInPackage.sun.util.logging.resources";

        // Allow Tomcat JULI to read subsystem logging configuration.
        // Each entry names one exact file, read-only, under the packaged
        // /usr/share/pki tree rather than under ${catalina.base}.
        permission java.io.FilePermission "/usr/share/pki/server/webapps/pki/WEB-INF/classes/logging.properties", "read";
        permission java.io.FilePermission "/usr/share/pki/ca/webapps/ca/WEB-INF/classes/logging.properties", "read";
        permission java.io.FilePermission "/usr/share/pki/kra/webapps/kra/WEB-INF/classes/logging.properties", "read";
        permission java.io.FilePermission "/usr/share/pki/ocsp/webapps/ocsp/WEB-INF/classes/logging.properties", "read";
        permission java.io.FilePermission "/usr/share/pki/tks/webapps/tks/WEB-INF/classes/logging.properties", "read";
        permission java.io.FilePermission "/usr/share/pki/tps/webapps/tps/WEB-INF/classes/logging.properties", "read";

        // Allow Tomcat JULI to generate subsystem log files.
        // A trailing "/-" matches every file below the directory, recursively.
        // Only "read" and "write" are granted; "delete" and "execute" are not.
        permission java.io.FilePermission "${catalina.base}/logs/pki/-", "read,write";
        permission java.io.FilePermission "${catalina.base}/logs/ca/-", "read,write";
        permission java.io.FilePermission "${catalina.base}/logs/kra/-", "read,write";
        permission java.io.FilePermission "${catalina.base}/logs/ocsp/-", "read,write";
        permission java.io.FilePermission "${catalina.base}/logs/tks/-", "read,write";
        permission java.io.FilePermission "${catalina.base}/logs/tps/-", "read,write";
};

// Container and shared-library code sources. Every grant in this group gives
// java.security.AllPermission, so code loaded from these locations is not
// restricted by the security manager at all.
//
// NOTE(review): a codeBase ending in "/-" (${catalina.base}/lib,
// /usr/share/java/eclipse, /usr/share/java/tomcat, /usr/share/java/pki)
// covers every class and jar below that directory recursively, including
// files added after installation. The grant is therefore only as strong as
// the filesystem permissions on those directories: verify on deployed hosts
// that they are writable by root only, not by the account the server runs as.

// NOTE(review): this entry uses ${catalina.base}, whereas the tomcat-juli.jar
// grant in this file uses ${catalina.home} for the same bin/ directory.
// Confirm that bootstrap.jar is actually loaded from ${catalina.base}/bin in
// this instance layout.
grant codeBase "file:${catalina.base}/bin/bootstrap.jar" {
        permission java.security.AllPermission;
};

// Per-instance library directory, matched recursively.
grant codeBase "file:${catalina.base}/lib/-" {
        permission java.security.AllPermission;
};

// Individual system jars and directories under /usr/share/java.
grant codeBase "file:/usr/share/java/ecj.jar" {
        permission java.security.AllPermission;
};

grant codeBase "file:/usr/share/java/eclipse/-" {
        permission java.security.AllPermission;
};

grant codeBase "file:/usr/share/java/glassfish-jsp.jar" {
        permission java.security.AllPermission;
};

grant codeBase "file:/usr/share/java/jaxb-api.jar" {
        permission java.security.AllPermission;
};

grant codeBase "file:/usr/share/java/jaxme/jaxmeapi.jar" {
        permission java.security.AllPermission;
};

grant codeBase "file:/usr/share/java/jaxp_parser_impl.jar" {
        permission java.security.AllPermission;
};

grant codeBase "file:/usr/share/java/jboss-web.jar" {
        permission java.security.AllPermission;
};

grant codeBase "file:/usr/share/java/log4j.jar" {
        permission java.security.AllPermission;
};

grant codeBase "file:/usr/share/java/servlet.jar" {
        permission java.security.AllPermission;
};

grant codeBase "file:/usr/share/java/tomcat/-" {
        permission java.security.AllPermission;
};

grant codeBase "file:/usr/share/java/tomcat-el-api.jar" {
        permission java.security.AllPermission;
};

grant codeBase "file:/usr/share/java/tomcat-servlet-api.jar" {
        permission java.security.AllPermission;
};

// All PKI jars, matched recursively.
grant codeBase "file:/usr/share/java/pki/-" {
        permission java.security.AllPermission;
};

// PKI web applications (pki, ca, kra, ocsp, tks) and the ROOT webapp.
// Each webapp directory is granted java.security.AllPermission recursively,
// so the security manager places no restriction on webapp code: any class or
// jar present under these ${catalina.base}/webapps paths runs with every
// permission the JVM process itself has.
//
// NOTE(review): ${catalina.base} is the per-instance directory. Check that
// the webapps tree is not writable by the account the server runs as,
// because filesystem permissions are the only barrier these grants leave.
//
// NOTE(review): there is no grant for a tps webapp here, although the
// tomcat-juli.jar grant in this file lists tps logging paths. Confirm whether
// the omission is intentional.
grant codeBase "file:${catalina.base}/webapps/pki/-" {
        permission java.security.AllPermission;
};

grant codeBase "file:${catalina.base}/webapps/ca/-" {
        permission java.security.AllPermission;
};

grant codeBase "file:${catalina.base}/webapps/kra/-" {
        permission java.security.AllPermission;
};

grant codeBase "file:${catalina.base}/webapps/ocsp/-" {
        permission java.security.AllPermission;
};

grant codeBase "file:${catalina.base}/webapps/tks/-" {
        permission java.security.AllPermission;
};

grant codeBase "file:${catalina.base}/webapps/ROOT/-" {
        permission java.security.AllPermission;
};