RFR: 8344177: Remove SecurityManager and related calls from java.management [v3]
Kevin Walls
kevinw at openjdk.org
Mon Nov 18 17:23:43 UTC 2024
On Mon, 18 Nov 2024 17:08:21 GMT, Kevin Walls <kevinw at openjdk.org> wrote:
>> Remove redundant SecurityManager, AccessController references
>> (following on from JDK-8338411: Implement JEP 486: Permanently Disable the Security Manager).
>
> Kevin Walls has updated the pull request incrementally with one additional commit since the last revision:
>
> add back checkClassLoader
MBeanServerAccessController.java:
The access controller will refuse to create an MBean that is a ClassLoader.
Previously, setting a SecurityManager would bypass this check.
Without SM, keeping this restriction is a compatible and reasonable thing to do.
If there do exist any MBeans which are ClassLoaders, then they have always required
a SecurityManager, and therefore have more migration work to do.
-------------
PR Comment: https://git.openjdk.org/jdk/pull/22100#issuecomment-2483652181
More information about the serviceability-dev
mailing list