RFR (12): 8191053: Provide a mechanism to make system's security manager immutable

Alan Bateman Alan.Bateman at oracle.com
Fri Oct 5 18:14:12 UTC 2018



On 05/10/2018 18:52, dean.long at oracle.com wrote:
>
> Isn't this an implementation detail that could change?  Could it say 
> instead "system class loader or one of its ancestors" or something 
> equally flexible?
>
I don't think there is much flexibility here. If the custom security 
manager class is visible to the custom system class loader but not 
visible to the default system class loader then it cannot be loaded. So 
I think it has to say that the security manager class is visible to the 
default system class loader ("built-in application class loader" in the 
discussion here). A link to the section in ClassLoader spec where it 
defines the 3 built-in class loaders, and the 
ClassLoader::getSystemClassLoader method, should be enough.

-Alan



More information about the security-dev mailing list