On Mon, 18 Nov 2024 15:17:33 GMT, Kevin Walls <kev...@openjdk.org> wrote:
>> Remove redundant SecurityManager, AccessController references
>> (following on from JDK-8338411: Implement JEP 486: Permanently Disable the
>> Security Manager).
>
> Kevin Walls has updated the pull request incrementally with two additional
> commits since the last revision:
>
> - remove missed suppression
> - comment correction
src/java.management/share/classes/com/sun/jmx/remote/security/MBeanServerAccessController.java
line 181:
> 179: if (sm == null) {
> 180: Object object = getMBeanServer().instantiate(className);
> 181: checkClassLoader(object);
I believe we should keep these calls to `checkClassLoader(object)` in place for
now. What to do in this case will require some more thinking - I'd suggest
handling that part in a separate PR.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/22100#discussion_r1846868850
