RFR: 8292177: InitialSecurityProperty JFR event [v3]
Sean Coffey
coffeys at openjdk.org
Thu Oct 13 16:08:07 UTC 2022
On Tue, 11 Oct 2022 12:39:14 GMT, Sean Mullan <mullan at openjdk.org> wrote:
>> @seanjmullan - I looked at that approach. The `SharedSecrets.getJavaSecurityAccess().getInitialProperties();` call may trigger early initialization of the `java.security.Security` class - I'm not sure if we want that. ProtectionDomain class is currently loaded early in the JDK boot cycle.
>>
>> In fact the change suggested by @AlanBateman yesterday also has possibility to trigger unnecessary loading of the Security class. I might revert to the original design where we store the cached Properties in ProtectionDomain ?
>
> Maybe I am missing something. If this JFR event is enabled, and the properties have not yet been accessed, then it seems ok for JFR to load the `Security` class when JFR is started since the user is interested in this event.
After further conversation with @seanjmullan , a sharedSecrets accessor for the Properties map should be ok. Edits pushed.
-------------
PR: https://git.openjdk.org/jdk/pull/10394
More information about the security-dev
mailing list