On Tue, Dec 17, 2024 at 8:26 PM Xuelei Fan <xuele...@gmail.com> wrote:
> > > > I have to disable this feature, and don’t allow any security property >> setting, which is not easy to me once an editable property is introduced. >> >> No need for this, the filter is disabled by default. If you are so >> concerned that you would like to forbid any security property modification >> to JDK deployment administrators, perhaps you should have already forbidden >> it. >> > > I did not forbid this new property yet. I could have other related > uneditable/forbidden because Java supports so with public APIs. I need to > update my application source code to forbid this one once it is released. > I could live, I think. It is just a little trouble and I have to take > care of the compatibility issues for the release. > > I also need to consider if the security property has been used for an application, how could it be onboarding to a market with strict security policies, without compatibility impact. This is a more serious problem to me. Any source code level update requirements could be painful. Best, Xuelei >
