JEP411: Restricting/logging library usages using a SecurityManager
r.spilker at gmail.com
Thu Apr 15 21:10:30 UTC 2021
So I do get why RMI and Applets are no longer used.
I also agree that the performance and usability of the current
implementation are suboptimal, and that configuring the security manager
through text files is also not that easy.
But on my server application, we use libraries. And I'm very interested in
how they behave.
I would like to log or restrict the following actions:
- Spawning new processes
- Unexpected file access
- Unexpected network traffic
Currently, our application sets a custom-written security manager to
restrict or log those aspects.
For example, we would block all XXE attacks by just having our security
In JEP411 I did not find a way to do those things without a security
What does the security group think about these use cases? Does it still
make sense to deprecate/remove the entire security manager? Would a
replacement for certain concerns be in order?
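
An added example, not part of the original post or the poster's application: a minimal custom SecurityManager of the kind the message describes, blocking process spawns and logging file and network access outside an allow-list. The class name, allow-lists and log format are assumptions, and it assumes a JDK where System.setSecurityManager is still permitted (JDK 17 or earlier).

```java
import java.io.FilePermission;
import java.net.SocketPermission;
import java.security.Permission;
import java.util.List;

// Added illustration, not the poster's code. Allow-lists are constructed values.
public class AuditingSecurityManager extends SecurityManager {
    private static final List<String> FILE_ROOTS =
            List.of(System.getProperty("java.home"), System.getProperty("user.dir"));
    private static final List<String> HOSTS = List.of("localhost", "127.0.0.1");
    // Logging can itself trigger permission checks; this guard stops the recursion.
    private final ThreadLocal<Boolean> busy = ThreadLocal.withInitial(() -> false);

    @Override
    public void checkPermission(Permission perm) {
        if (busy.get()) return;
        busy.set(true);
        try {
            String name = perm.getName();
            if (perm instanceof FilePermission) {
                // Runtime.exec and ProcessBuilder arrive as an "execute" file permission.
                if (perm.getActions().contains("execute"))
                    throw new SecurityException("process spawn blocked: " + name);
                // Relative paths do not match a root and are therefore logged too.
                if (FILE_ROOTS.stream().noneMatch(name::startsWith))
                    System.err.println("[audit] unexpected file access: " + perm);
            } else if (perm instanceof SocketPermission
                    && perm.getActions().contains("connect")) {
                int colon = name.lastIndexOf(':'); // name is "host:port"
                String host = colon > 0 ? name.substring(0, colon) : name;
                if (!HOSTS.contains(host))
                    System.err.println("[audit] unexpected network traffic: " + perm);
            } else if (perm instanceof RuntimePermission
                    && "setSecurityManager".equals(name)) {
                throw new SecurityException("replacing the security manager is blocked");
            }
            // Everything else is allowed: this manager audits, it does not sandbox.
        } finally {
            busy.set(false);
        }
    }

    @Override
    public void checkPermission(Permission perm, Object context) { checkPermission(perm); }

    public static void main(String[] args) throws Exception {
        System.setSecurityManager(new AuditingSecurityManager());
        try { Runtime.getRuntime().exec("id"); }
        catch (SecurityException e) { System.out.println("caught: " + e.getMessage()); }
    }
}
```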