RFR: 8364182: Add jcmd VM.security_properties command [v8]

[Sean Mullan]

On Mon, 19 Jan 2026 11:25:41 GMT, Kieran Farrell <kfarrell at openjdk.org> wrote:

>> The goal of this PR is to add a means of exposing security properties at runtime to aid the debugging security related issues/misconfigurations etc. Currently, only initial security properties set at start up can be exposed via the `InitialSecurityProperty` JFR event. 
>> 
>> This patch introduces a new jcmd diagnostic command `VM.properties`, which enables developers to print either the current system properties or security properties of a running Java process via command-line arguments (-system or -security). To avoid clutter within the jcmd command list, the old `VM.system_properties` command is hidden, but not removed so will not break existing usages. The implementation of each is shared to reduce duplication.
>
> Kieran Farrell has updated the pull request incrementally with one additional commit since the last revision:
> 
>   add test

src/java.base/share/classes/java/security/Security.java line 335:

> 333:             @Override
> 334:             public Properties getCurrentProperties() {
> 335:                 return (Properties) props.clone();

It seems you can avoid this clone (and thereby not locking the `Properties` object) since the caller creates a new `Properties` object to store them in. Same pattern as the system properties.

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/29124#discussion_r2818879624