jetty-policy/src/main/config/lib/policy/temp-dirs.policy - jetty/org.eclipse.jetty.project - Git at Google

 // This file contains permissions for various temporary directories that
 // jetty might operate under.
 //
 // Careful auditing of this file is recommended for your particular use case

 //
 // the tmp directory is where webapps are unpacked by default so setup their restricted permissions
 //
 grant codeBase "file:${java.io.tmpdir}${/}" {

    permission java.io.FilePermission "${jetty.home}${/}webapps${/}-", "read"; // Ought to go up a specific codebases
    permission java.io.FilePermission "${java.io.tmpdir}${/}-", "read";
    permission java.util.PropertyPermission "org.eclipse.jetty.util.log.class", "read";
    permission java.util.PropertyPermission "org.eclipse.jetty.util.log.IGNORED", "read";
    permission java.util.PropertyPermission "org.eclipse.jetty.util.log.stderr.DEBUG", "read";

 };

 //
 // some operating systems have tmp as a symbolic link to /private/tmp
 //
 grant codeBase "file:/private${java.io.tmpdir}${/}-" {

    permission java.io.FilePermission "${jetty.home}${/}webapps${/}-", "read"; // Ought to go up a specific codebase
    permission java.io.FilePermission "/private/${java.io.tmpdir}${/}-", "read";
    permission java.util.PropertyPermission "org.eclipse.jetty.util.log.class", "read";
    permission java.util.PropertyPermission "org.eclipse.jetty.util.log.stderr.DEBUG", "read";
    permission java.util.PropertyPermission "org.eclipse.jetty.util.log.IGNORED", "read";

 };
	// This file contains permissions for various temporary directories that
	// jetty might operate under.
	//
	// Careful auditing of this file is recommended for your particular use case

	//
	// the tmp directory is where webapps are unpacked by default so setup their restricted permissions
	//
	grant codeBase "file:${java.io.tmpdir}${/}" {

	permission java.io.FilePermission "${jetty.home}${/}webapps${/}-", "read"; // Ought to go up a specific codebases
	permission java.io.FilePermission "${java.io.tmpdir}${/}-", "read";
	permission java.util.PropertyPermission "org.eclipse.jetty.util.log.class", "read";
	permission java.util.PropertyPermission "org.eclipse.jetty.util.log.IGNORED", "read";
	permission java.util.PropertyPermission "org.eclipse.jetty.util.log.stderr.DEBUG", "read";

	};

	//
	// some operating systems have tmp as a symbolic link to /private/tmp
	//
	grant codeBase "file:/private${java.io.tmpdir}${/}-" {

	permission java.io.FilePermission "${jetty.home}${/}webapps${/}-", "read"; // Ought to go up a specific codebase
	permission java.io.FilePermission "/private/${java.io.tmpdir}${/}-", "read";
	permission java.util.PropertyPermission "org.eclipse.jetty.util.log.class", "read";
	permission java.util.PropertyPermission "org.eclipse.jetty.util.log.stderr.DEBUG", "read";
	permission java.util.PropertyPermission "org.eclipse.jetty.util.log.IGNORED", "read";

	};