Fwd: Re: RFR (12): 8191053: Provide a mechanism to make system's security manager immutable

David Lloyd david.lloyd at redhat.com
Thu Oct 4 14:17:49 UTC 2018


On Wed, Oct 3, 2018 at 7:53 PM Sergey Bylokhov
<Sergey.Bylokhov at oracle.com> wrote:
> Hi, Sean.
> One question related to SecurityManager and performance, is it possible
> to provide a special version of AccessController.doPrivileged which will
> be noop if SecurityManager is not present?

TBH that method (at least, the no-arg variant) should *always* have
been a no-op.  All it really accomplishes, in practice, is to place a
mark on the stack where the stack crawl to build the access control
context should stop (plus one frame), and this effect is something
that is already a natural consequence of a method being called in the
JVM.

The doPrivileged variant that accepts an ACC parameter should likewise
always have been no-op other than stashing the nested ACC into some
sort of thread-local (or better, a field on Thread) which can be
referred to by the aforementioned stack crawl.

The pure-java AccessController I prototyped late last year relies on
these ideas, among other things.
-- 
- DML



More information about the security-dev mailing list