RFR 8060068 : Remove the static initializer block from DriverManager

[Lance Andersen]

On Dec 3, 2014, at 10:39 AM, Sean Mullan <sean.mullan at oracle.com> wrote:

> On 12/03/2014 10:03 AM, Lance Andersen wrote:
>>>> Note, I also tweaked the  doPriviliged block for the  JDBC property
>>> >
>>> >It's nice to see use of limited doPrivileged.  Limited doPrivileged restricts the permissions be accessed by the doPrivileged block.  On the other hand, since it only calls System.getProperty, that won't leak any privileges to untrusted code.  I think we would need some guideline what can benefit from limited doPrivileged.  Anyway, I'm fine with your change.
>> Trying to slowly add the limited doPrivileged when I do an update.  We did the same in RowSetProvider earlier for the same reason.
> 
> Use of limited doPrivileged may also incur more overhead when a SecurityManager is installed, so I recommend checking the performance impact before switching code to use it. I agree with Mandy that we need a guide as to when it is best to use limited doPrivileged, and I will look into that. In this case, I also agree with Mandy that this doesn't provide much security benefit since the scope of the privileged operation is already extremely narrow.

Thank you Sean.  As this code path is only called 1 time, i am not concerned  that performance will be an issue.  If you and Mandy prefer me to remove it, I can, just let me know.

Yes, I agree it is narrow.  The suggestion to add the limited doPriviliged came up in a review of RowSetProvider which is why I figured I would add it here also.  Now that was quite some time ago, so I understand our position might have changed.

Best,
Lance

> 
> --Sean



Lance Andersen| Principal Member of Technical Staff | +1.781.442.2037
Oracle Java Engineering 
1 Network Drive 
Burlington, MA 01803
Lance.Andersen at oracle.com