RFR (12): 8191053: Provide a mechanism to make system's security manager immutable

Mandy Chung mandy.chung at oracle.com
Tue Oct 2 18:15:57 UTC 2018



On 10/2/18 10:14 AM, Sean Mullan wrote:
> On 10/2/18 1:05 PM, Mandy Chung wrote:
>> I'm not a fan of using double == which is not obvious to catch the 
>> typo.  I think the `==` syntax may not be commonly known either (I 
>> suspect it's seldom for a user to override java.security.policy 
>> rather than augmenting it).
>>
>> Have you considered using simple token `disallow` and `allow` (or 
>> all-caps)?
>
> I am fine with that as well.
>
>>   The possibility of a custom security manager class named `disallow` 
>> and `allow` should be low.
>
> I agree. I could imagine there might be a custom SM class named 
> "Disallow" but that should still work, right?

Yes since the property value is case-sensitive.

Mandy
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/security-dev/attachments/20181002/f049aae8/attachment.htm>


More information about the security-dev mailing list