[External] Re: deprecation of SecurityManager JEP 411

arjan tijms arjan.tijms at gmail.com
Thu Feb 17 20:49:13 UTC 2022 

Hi,

On Thu, Feb 17, 2022 at 5:45 PM Bowes, David <d.h.bowes at lancaster.ac.uk>
wrote:

> Your  argument follows  ’10,000 lemmings can’t be wrong’....
>

I didn't mean to say that the 10k lemmings are right. What I was trying to
say is that the JDK team was making a tool that 10k-1 lemmings are not
using. So for the 1 lemming who is using the tool as intended, the costs of
maintaining it are seemingly too high.

Kind regards,
Arjan



>
>
> David
>
>
>
>
>
>
> ------------------------------
> *From:* arjan tijms <arjan.tijms at gmail.com>
> *Sent:* Thursday, February 17, 2022 1:29:04 PM
> *To:* Bowes, David <d.h.bowes at lancaster.ac.uk>
> *Cc:* security-dev at openjdk.java.net <security-dev at openjdk.java.net>
> *Subject:* [External] Re: deprecation of SecurityManager JEP 411
>
>
> *This email originated outside the University. Check before clicking links
> or attachments.*
> Hi,
>
> On Wed, Feb 16, 2022 at 6:24 PM Bowes, David <d.h.bowes at lancaster.ac.uk>
> wrote:
>
> I used the SecurityManger with great success to protect against Log4JShell.
>
>
>
> [...]  I would suggest that the SecurityManager does protect me from
> singinficant threats.
>
>
> While I don't disagree with you entirely, the problem is that seemingly
> almost nobody actually uses the security manager to protect against things
> like Log4JShell. The proof is in the pudding. If the security manager
> indeed protected against that in practice to a sufficient degree, then
> Log4JShell wouldn't have been a problem at all, would it? Yet it was, and
> the security manager is still there at the moment.
>
> I understand one could argue that without the security manager the impact
> of Log4JShell would have been even bigger, but I've not seen any evidence
> stating that.
>
> Given the way Java is now predominantly used, I think a better choice
> might be to have the Java applications run on virtual servers that restrict
> at that virtual server level which domains and IPs outgoing traffic may
> connect to.
>
> Finally, I think nobody is saying there is no value at all in the security
> manager, but just that the amount of work required to maintain it vs the
> practical benefits are non-optimal, at least with the current way the
> security manager and its permissions and policies work.
>
> Kind regards,
> Arjan Tijms
>
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/security-dev/attachments/20220217/28d59d0a/attachment.htm>

More information about the security-dev mailing list