In the Java policy file, the grant codeBase syntax specifies which codebase should be granted which permissions. for example,
grant codeBase "file:/C:/abc.jar" { permission java.security.AllPermission; };
grants AllPermission to code inside abc.jar
In a similar way, Is there a way to deny permissions to a specific syntax? Like this:
deny codeBase "file:/C:/def.jar" { permission java.io.FilePermission; };
so that the code inside def.jar gets every other permissions except the FilePermission?
Is this even possible?
I know this can be easily done using the SecurityManager class, but I just want to know if this is possible by using the policy file only.
No. There is nothing like this implemented for policy files. You could write your own system, if you were really desperate.