Eliminating the security overhead when not running with a security manager
Alan Bateman
Alan.Bateman at oracle.com
Tue Nov 21 11:41:30 UTC 2017
On 21/11/2017 00:48, David Lloyd wrote:
> One thing that springs to mind. Some allowance would have to be made
> for domain combiners and JAAS Subject propagation: this mechanism also
> uses access control contexts, to its own great detriment.
Are you thinking about usages where there is no security manager but
AccessController.checkPermission is still used to check permissions?
> :
>
> Anyway I never got a chance to prototype this, but it might be a fun
> option worth exploring. I found the idea of moving this stuff all to
> user space to be very appealing (due in no small part to the idea that
> it could potentially be examined and analyzed by a much larger
> audience, being Java code). It also hints at the possibility of a
> fully "user space" replacement of the security manager concept (much
> of the remaining cost lives in the structure of AccessControlContext,
> which is based on an array of ProtectionDomain objects; this is
> definitely non-ideal and could possibly be hidden behind a smarter
> abstraction).
In terms of performance the main interest here is the "no security
manager" case. If you have prototypes that moving the stack walking and
help the security manager case then I expect the folks here will be
interested.
-Alan
More information about the security-dev
mailing list