Since there is no good/clean way to establish static permissions for modules from the Policy, we should allow filesystem JARs to bundle a standard Java EE-style permissions.xml file which contains the permission collection that the generated module should support.