haibot.policy

grant {
  // Enables running processes, so there
  permission java.io.FilePermission "<<ALL FILES>>", "execute";
  
  permission java.io.FilePermission ".config", "read";
  permission java.io.FilePermission ".apikeys", "read";
  permission java.io.FilePermission "haibot/*", "read, write";
  permission java.io.FilePermission "util/*", "read";
  permission java.io.FilePermission "logs/*", "write";
  permission java.io.FilePermission "/tmp/*", "read, write, delete";
  permission java.io.FilePermission "lib/-", "read";
  
  permission java.util.PropertyPermission "user.dir", "read";
  permission java.util.PropertyPermission "scala.time", "read";
  permission java.util.PropertyPermission "line.separator", "read";  

  permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
  permission java.lang.RuntimePermission "modifyThread";

  permission java.lang.RuntimePermission "exitVM.0";

  // java8/scala212 changes
  permission java.lang.RuntimePermission "fileSystemProvider";
  permission java.lang.RuntimePermission "loadLibrary.sunec";

  // base64
  permission java.lang.RuntimePermission "accessClassInPackage.sun.misc";
  // https
  permission java.security.SecurityPermission "putProviderProperty.SunJCE", "";
  permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*", "";
  permission java.lang.RuntimePermission "loadLibrary.j2pkcs11", "";
  permission java.io.FilePermission "${java.home}/lib/ext/-", "read";
  permission java.security.SecurityPermission "putProviderProperty.SunPKCS11-NSS", "";
  // freenode
  permission java.net.SocketPermission "*:6665-8080", "connect,resolve";
  // http(s)
  permission java.net.SocketPermission "*:80", "connect,resolve";
  permission java.net.SocketPermission "*:443", "connect,resolve";
  // pircbot-ssl
  permission java.security.SecurityPermission "insertProvider.SunJSSE", "";
  permission java.util.PropertyPermission "java.protocol.handler.pkgs", "write";
};