RFR (12): 8191053: Provide a mechanism to make system's security manager immutable
Peter Firmstone
peter.firmstone at zeus.net.au
Mon Sep 17 12:41:06 UTC 2018
Has the attached regression been fixed "Re:
-Djava.security.manager=problems for service provider"? I recently
changed all our code to use System.setSecurityManager(), because of this
regression, prior to that we used the command line option, it's going to
take some time to revert...
SecurityManager is of critical importance in our software, I wish it
were simpler, we solved the performance issues about 8 years ago, but
complexity is still a pain point.
Thanks,
Peter.
On 17/09/2018 7:09 PM, Alan Bateman wrote:
> On 16/09/2018 20:37, Will Sargent wrote:
>> > The security manager is legacy these days and I think we need to
>> figure out a plan how to deprecate and eventually bury it.
>>
>> I don't know of any research or papers that explicitly say that
>> SecurityManager is "legacy". I did some research into this a while
>> ago, and while SecurityManager has some major flaws, I don't know of
>> any other way to sandbox a Java application.
>>
> Have you looked into native containers? It's easy to find examples of
> applications running in a docker container for example.
>
> -Alan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/security-dev/attachments/20180917/31ccf9dd/attachment.htm>
-------------- next part --------------
An embedded message was scrubbed...
From: Naoto Sato <naoto.sato at oracle.com>
Subject: Re: -Djava.security.manager=problems for service provider
Date: Thu, 29 Mar 2018 11:02:41 -0700
Size: 44548
URL: <https://mail.openjdk.org/pipermail/security-dev/attachments/20180917/31ccf9dd/AttachedMessage.eml>
More information about the security-dev
mailing list