Should System.exit be controlled by a Scope Local?
Andrew Haley
aph-open at littlepinkcloud.com
Sun Feb 27 18:47:55 UTC 2022
On 2/26/22 22:14, Ethan McCue wrote:
> As called out in JEP 411, one of the remaining legitimate uses of the
> Security Manager is to intercept calls to System.exit. This seems like a
> decent use case for the Scope Local mechanism.
It could well be. One problem, at least in the preview version of scope locals,
is that scope locals are only inherited in a structured concurrency context,
so it wouldn't protect against starting a new Thread which then called
System.exit().
I'd like to explore the use of scope locals as a lightweight means to
implement a system of permissions and capabilities for things such as
this.
--
Andrew Haley (he/him)
Java Platform Lead Engineer
Red Hat UK Ltd. <https://www.redhat.com>
https://keybase.io/andrewhaley
EAC8 43EB D3EF DB98 CC77 2FAD A5CD 6035 332F A671
More information about the core-libs-dev
mailing list