JDK-8019425 : Local Security Policy: Any "run" rule must have at least one application qualifier
  • Type: Enhancement
  • Component: deploy
  • Sub-Component: plugin
  • Affected Version: 7u40
  • Priority: P2
  • Status: Resolved
  • Resolution: Fixed
  • Submitted: 2013-06-28
  • Updated: 2014-02-12
  • Resolved: 2013-07-13
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
7u40 b34Fixed 8Fixed
Related Reports
Relates :  
Any rule with "run" as the target MUST have at least one application qualifier.  Name, Location, Signature or Checksum.  If it doesn't have one of these then the rule is invalid, and hence the file is invalid and we should treat it as such.
SQE-OK to get this issue fixed in 7u40.

With 7u40 nightly #23, confirmed that rule without any application quantifier will be treated as "Invalid (run everything) rule in Local Security Policy file". However, location ="*" still works as before. Policy looks like below: ========== <policy> <rule> <id location="*" /> <action permission="run"/> </rule> <!-- block everything else --> <rule> <id/> <action permission="block"> <message>we don't want to run anything else</message> </action> </rule> </policy> ============= Anyway, SQE is still going to allow this very bug to be fixed. Will file a new bug to track remaining issues.