Updates to JEP 411: Deprecate the Security Manager for Removal
Sean Mullan
sean.mullan at oracle.com
Wed May 19 13:48:35 UTC 2021
Thanks for those that have taken the time to review JEP 411 [1]. The JEP
has been updated today with a few changes, the most significant which is
the addition of a new section titled "Future Work" [2] which lists
related potential enhancements and works in progress.
Other smaller changes have been made throughout the JEP, including:
- The "Alternate JAAS APIs" section has been removed and replaced with
a smaller section in the Description section with a pointer to a JBS
issue with more details.
- Changes have been made to the Motivation section to improve some of
the wording and add more details.
- A new item named "Preserve the Security Manager API for extension by
custom Security Managers that wish to intercept, log, and veto access to
resources" has been added to the Alternatives section, as this has been
a topic of discussion since the JEP has been published.
- RMISecurityException has been removed from the list of APIs to be
deprecated for removal, and
java.util.concurrent.Executors::{privilegedCallable,
privilegedCallableUsingCurrentClassLoader, privilegedThreadFactory} have
been added.
Thanks,
Sean
[1] https://openjdk.java.net/jeps/411
[2] https://openjdk.java.net/jeps/411#Future-Work
More information about the security-dev
mailing list