RFR (12): 8191053: Provide a mechanism to make system's security manager immutable
Daniel Fuchs
daniel.fuchs at oracle.com
Fri Sep 14 11:52:24 UTC 2018
On 14/09/2018 12:31, Daniel Fuchs wrote:
> Maybe it would be less confusing if the property was named
> -Djdk.disableSecurityManager, because AFAICT, it's what it does?
Forget I said that ;-)
The name "jdk.allowSecurityManager" is actually fine.
I was also confused at first because I believed the
property, if set to false, would just prevent someone
to call System::setSecurityManager at runtime, whereas
it also prevents to set a security manager on the command
line.
Maybe emphasizing this would remove any confusion.
I wonder if the VM should fail to start if both
-Djdk.allowSecurityManager=false and -Djava.security.manager
are supplied?
best regards and apologies for the noise of my previous mail...
-- daniel
More information about the security-dev
mailing list