New candidate JEP: 486: Permanently Disable the Security Manager
Mark Reinhold
mark.reinhold at oracle.com
Thu Sep 26 11:55:36 UTC 2024
// Correcting Sean’s e-mail address
https://openjdk.org/jeps/486
Summary: The Security Manager has not been the primary means of
securing client-side Java code for many years, it has rarely been used
to secure server-side code, and it is costly to maintain. We therefore
deprecated it for removal in Java 17 via JEP 411 (2021). As the next
step toward removing the Security Manager, we will revise the Java
Platform specification so that developers cannot enable it and other
Platform classes do not refer to it. This change will have no impact
on the vast majority of applications, libraries, and tools. We will
remove the Security Manager API in a future release.
- Mark
More information about the jdk-dev
mailing list