7192275: Minimize LogManager dependencies on java.beans

[Alan Bateman]

On 19/08/2012 08:50, Dmitry Samersoff wrote:
> :
> I'm not sure it's correct in generic case - exception it self could be
> untrusted code so on my opinion security check have to be done first,
> before everything else.
If there are cases where an exception might reveal something to an 
adversary then it would be appropriate to do the permission check and 
throw the SecurityException before other checks that might yield an 
exception. It is of course a non-issue with the code that we are looking 
at here as it's just an NPE. However in the general case then someone, 
say writing a conformance test, then they cannot assume the exception 
for cases where the more than one exception is possible.

>
> But I'm ok to leave everything as is in this case because it doesn't
> make things worth. Value of security check in non-final method is
> doubtful anyway.
Yes, let's leave this one for now as it's not an issue and I don't want 
to be changing longstanding behavior with this change.

As regards overriding the methods then they can certainly be done in a 
custom LogManager but such as custom LogManager would not be returned by 
LogManager.getLogManager (unless configured via the 
java.util.logging.manager property of course).

So thanks for the review, the changes are in jdk8/tl/jdk now.

-Alan.