RFR: 8338411: Implement JEP 486: Permanently Disable the Security Manager [v4]
Sean Mullan
mullan at openjdk.org
Mon Oct 28 13:47:03 UTC 2024
On Tue, 15 Oct 2024 22:09:59 GMT, Sean Mullan <mullan at openjdk.org> wrote:
>> src/java.base/share/classes/java/net/URLClassLoader.java line 667:
>>
>>> 665: * @param codesource the codesource
>>> 666: * @throws NullPointerException if {@code codesource} is {@code null}.
>>> 667: * @return the permissions for the codesource
>>
>> Since there is no SecurityManager any more, I guess this method could be, in the future, degraded to return an empty collection? Then when that's done the API documentation above could be trivially simplified to `{@return an empty {@code PermissionCollection}}`?
>
> Yes, I think that is a good suggestion. Let me think about whether it should be done as part of this JEP or if we can do it later.
I filed a follow-on issue to consider this: https://bugs.openjdk.org/browse/JDK-8343150
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/21498#discussion_r1819084510
More information about the compiler-dev
mailing list