keystore "kim.keystore";

grant SignedBy "chris" {
  // the high score class needs permission to read user.home to find
  // the location of the highscore file

  permission java.util.PropertyPermission "user.home", "read";

  // it needs permission to read and write the high score file itself

  permission java.io.FilePermission "${user.home}${/}.highscore", "read,write";

  // it needs to get granted its own permission, so it can call checkPermission
  // to see if its caller has permission. Only grant it the permission
  // if the permission itself was signed by HighScore...

  permission HighScorePermission "*", signedBy "chris";
};


// grant code signed by "FooGame" the HighScorePermission, if the
// HighScorePermission was signed by "chris".

grant SignedBy "terry" {
 permission HighScorePermission "TerrysGame", signedBy "chris";
};