RFR 8060068 : Remove the static initializer block from DriverManager
Sean Mullan
sean.mullan at oracle.com
Wed Dec 3 15:39:24 UTC 2014
On 12/03/2014 10:03 AM, Lance Andersen wrote:
>>> Note, I also tweaked the doPrivileged block for the JDBC property
>>
>> It's nice to see use of limited doPrivileged. Limited doPrivileged restricts the permissions to be accessed by the doPrivileged block. On the other hand, since it only calls System.getProperty, that won't leak any privileges to untrusted code. I think we would need some guideline on what can benefit from limited doPrivileged. Anyway, I'm fine with your change.
> Trying to slowly add the limited doPrivileged when I do an update. We did the same in RowSetProvider earlier for the same reason.
Use of limited doPrivileged may also incur more overhead when a
SecurityManager is installed, so I recommend checking the performance
impact before switching code to use it. I agree with Mandy that we need
a guide as to when it is best to use limited doPrivileged, and I will
look into that. In this case, I also agree with Mandy that this doesn't
provide much security benefit since the scope of the privileged
operation is already extremely narrow.
--Sean
More information about the core-libs-dev mailing list
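The scoping difference discussed in this thread, as an added example that is not code from the thread or from the JDK: it compares a full doPrivileged with a limited one that names only the `jdbc.drivers` read permission. Assumptions: `user.home` stands in for any other permission, the empty-permission caller domain and the allow-all policy are constructed for the demo, and `AccessController.checkPermission` is called directly instead of installing a SecurityManager.

```java
import java.security.*;
import java.util.PropertyPermission;

public class LimitedDoPrivilegedDemo {
    // The property DriverManager reads, and a constructed stand-in for "anything else".
    static final Permission JDBC = new PropertyPermission("jdbc.drivers", "read");
    static final Permission OTHER = new PropertyPermission("user.home", "read");

    // True if the current access control context (stack walk) grants p.
    static boolean allowed(Permission p) {
        try {
            AccessController.checkPermission(p);
            return true;
        } catch (AccessControlException e) {
            return false;
        }
    }

    static String probe() {
        return "jdbc.drivers=" + allowed(JDBC) + " user.home=" + allowed(OTHER);
    }

    public static void main(String[] args) {
        // Demo assumption: this class plays fully trusted library code.
        Policy.setPolicy(new Policy() {
            @Override
            public boolean implies(ProtectionDomain domain, Permission p) {
                return true;
            }
        });
        // Constructed untrusted caller: a static domain with no permissions
        // (the two-argument constructor never consults the Policy).
        AccessControlContext untrusted = new AccessControlContext(
            new ProtectionDomain[] { new ProtectionDomain(null, new Permissions()) });

        AccessController.doPrivileged((PrivilegedAction<Void>) () -> {
            // Caller's restrictions apply: the untrusted domain is in the context.
            System.out.println("no doPrivileged:      " + probe());
            // Full form: every permission of this class is asserted.
            System.out.println("full doPrivileged:    " + AccessController.doPrivileged(
                (PrivilegedAction<String>) LimitedDoPrivilegedDemo::probe));
            // Limited form: only JDBC is asserted; other checks continue
            // past this frame into the caller's context.
            System.out.println("limited doPrivileged: " + AccessController.doPrivileged(
                (PrivilegedAction<String>) LimitedDoPrivilegedDemo::probe, null, JDBC));
            return null;
        }, untrusted);
    }
}
```

On a JDK where these APIs are still functional (they are deprecated since 17 and no longer enforce anything from 24), the first probe is denied both permissions, the full form is granted both, and the limited form is granted only `jdbc.drivers`. When the privileged body performs a single fixed property read, both forms expose the same operation to the caller.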