New candidate JEP: 486: Permanently Disable the Security Manager

Mark Reinhold mark.reinhold at oracle.com
Thu Sep 26 11:50:41 UTC 2024


https://openjdk.org/jeps/486

  Summary: The Security Manager has not been the primary means of
  securing client-side Java code for many years, it has rarely been used
  to secure server-side code, and it is costly to maintain.  We therefore
  deprecated it for removal in Java 17 via JEP 411 (2021).  As the next
  step toward removing the Security Manager, we will revise the Java
  Platform specification so that developers cannot enable it and other
  Platform classes do not refer to it.  This change will have no impact
  on the vast majority of applications, libraries, and tools.  We will
  remove the Security Manager API in a future release.

- Mark


More information about the jdk-dev mailing list