Security Manager [Was: JEP draft: Prepare to Restrict The Use of JNI]

Attila Kelemen attila.kelemen85 at gmail.com
Thu Sep 7 20:21:19 UTC 2023


>
> Just observing the discussion and no expert but…
>
> It sounds like this is about security and restrictions of native
> libraries.
>
> Not saying it’s any better or worse but wasn’t that what the
> depreciated/removed SecurityManager expected to do?
>

The JEP is not about security (pure Java code can wreak just as much havoc
on the system as native calls). It is simply knowing what your application
is attempting to use, and if some of your application's modules are using
native calls, then - as the JEP currently states - you have to explicitly
acknowledge the fact (for each module). Though the JEP motivation is a
little different, to me the benefit of such explicit acknowledgment is that
I know that there is some additional requirement for some modules, because
native calls might have some expectation on the environment (besides what
the JDK needs which is always expected), and I have to fulfill those
expectation.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/jdk-dev/attachments/20230907/0710598b/attachment-0001.htm>


More information about the jdk-dev mailing list