RFR (12): 8191053: Provide a mechanism to make system's security manager immutable
Alan Bateman
Alan.Bateman at oracle.com
Fri Oct 5 18:14:12 UTC 2018
On 05/10/2018 18:52, dean.long at oracle.com wrote:
>
> Isn't this an implementation detail that could change? Could it say
> instead "system class loader or one of its ancestors" or something
> equally flexible?
>
I don't think there is much flexibility here. If the custom security
manager class is visible to the custom system class loader but not
visible to the default system class loader then it cannot be loaded. So
I think it has to say that the security manager class is visible to the
default system class loader ("built-in application class loader" in the
discussion here). A link to the section in ClassLoader spec where it
defines the 3 built-in class loaders, and the
ClassLoader::getSystemClassLoader method, should be enough.
-Alan