Does this mean all the ugly AccessController.doPrivileged code can be
simplified?
--John
On 09/10/2024 16:22, Kevin Rushforth wrote:
I just took the PR out of Draft, so it is now ready for review.
-- Kevin
On 10/2/2024 8:20 AM, Kevin Rushforth wrote:
I suspect people who are using SecurityManager with JavaFX are still
on java8.
Very likely.
-- Kevin
On 10/2/2024 7:58 AM, Andy Goryachev wrote:
Good riddance! I suspect people who are using SecurityManager with
JavaFX are still on java8.
-andy
*From: *openjfx-dev <openjfx-dev-r...@openjdk.org> on behalf of
Kevin Rushforth <kevin.rushfo...@oracle.com>
*Date: *Wednesday, October 2, 2024 at 07:46
*To: *openjfx-dev <openjfx-dev@openjdk.org>
*Subject: *Proposal: Remove support for running JavaFX with the
security manager
The Java Security Manager was deprecated for removal in JDK 17 by JEP
411 [1]. The next step in the evolution of removing the security
manager
is to permanently disable it as proposed by candidate JEP 486 [2]. Once
this is done, System::getSecurityManager will unconditionally return
null, System::setSecurityManager will unconditionally throw
UnsupportedOperationException, and running "java -Dsecurity.manager"
will cause the VM to exit with a fatal error. This will either
happen in
JDK 24 (likely) or 25 (in case it misses 24). Either way, it will soon
be gone.
I propose to remove support for running JavaFX applications with a
security manager in JavaFX 24. Any JavaFX application that uses a
security manager will necessarily need to use JDK 21.x LTS going
forward, and thus can similarly use JavaFX 21.x LTS. See JDK-8341090
[3].
Comments?
-- Kevin
[1] https://openjdk.org/jeps/411
[2] https://openjdk.org/jeps/486
[3] https://bugs.openjdk.org/browse/JDK-8341090
