Updates to JEP 411: Deprecate the Security Manager for Removal
alex.buckley at oracle.com
Fri May 21 17:23:24 UTC 2021
A further point is that `-Djava.security.manager=allow` has been
special-cased since JDK 12:
- Compatibility review:
- Release note:
(I saw that Netbeans has run into trouble under JEP 411 because some
code does not recognize `allow`, and treats it as a class name:
On 5/19/2021 6:48 AM, Sean Mullan wrote:
> Thanks for those that have taken the time to review JEP 411 . The JEP
> has been updated today with a few changes, the most significant which is
> the addition of a new section titled "Future Work"  which lists
> related potential enhancements and works in progress.
> Other smaller changes have been made throughout the JEP, including:
> - The "Alternate JAAS APIs" section has been removed and replaced with
> a smaller section in the Description section with a pointer to a JBS
> issue with more details.
> - Changes have been made to the Motivation section to improve some of
> the wording and add more details.
> - A new item named "Preserve the Security Manager API for extension by
> custom Security Managers that wish to intercept, log, and veto access to
> resources" has been added to the Alternatives section, as this has been
> a topic of discussion since the JEP has been published.
> - RMISecurityException has been removed from the list of APIs to be
> deprecated for removal, and
> privilegedCallableUsingCurrentClassLoader, privilegedThreadFactory} have
> been added.
>  https://openjdk.java.net/jeps/411
>  https://openjdk.java.net/jeps/411#Future-Work
More information about the jdk-dev