<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
<title></title>
</head>
<body text="#000000" bgcolor="#ffffff">
Has the attached regression been fixed "Re:
-Djava.security.manager=problems for service provider"? I recently
changed all our code to use System.setSecurityManager(), because of
this regression, prior to that we used the command line option, it's
going to take some time to revert...<br>
<br>
SecurityManager is of critical importance in our software, I wish it
were simpler, we solved the performance issues about 8 years ago,
but complexity is still a pain point.<br>
<br>
Thanks,<br>
<br>
Peter.<br>
<br>
On 17/09/2018 7:09 PM, Alan Bateman wrote:
<blockquote
cite="mid:e002d466-7cf9-aed8-284f-328ffcd3c0fc@oracle.com"
type="cite">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
On 16/09/2018 20:37, Will Sargent wrote:<br>
<blockquote type="cite"
cite="mid:CAAvUidPKhVbg+--TjyRzSS3M6086vt4Lr80dBuFDaou68Swutg@mail.gmail.com">
<meta http-equiv="content-type" content="text/html;
charset=UTF-8">
<div dir="ltr">
<div dir="ltr">
<div dir="ltr">
<div dir="ltr">> The <span class="gmail-il">security</span> <span
class="gmail-il">manager</span> is legacy these days
and I think we need to figure out a plan how to
deprecate and eventually bury it.</div>
<div dir="ltr"><br>
</div>
<div dir="ltr">I don't know of any research or papers that
explicitly say that SecurityManager is "legacy". I did
some research into this a while ago, and while
SecurityManager has some major flaws, I don't know of
any other way to sandbox a Java application. <br>
</div>
<br>
</div>
</div>
</div>
</blockquote>
Have you looked into native containers? It's easy to find examples
of applications running in a docker container for example.<br>
<br>
-Alan<br>
</blockquote>
<br>
<br>
</body>
</html>