On Mon, 18 Nov 2024 15:17:33 GMT, Kevin Walls <kev...@openjdk.org> wrote:
>> Remove redundant SecurityManager, AccessController references >> (following on from JDK-8338411: Implement JEP 486: Permanently Disable the >> Security Manager). > > Kevin Walls has updated the pull request incrementally with two additional > commits since the last revision: > > - remove missed suppression > - comment correction src/java.management/share/classes/com/sun/jmx/remote/security/MBeanServerAccessController.java line 76: > 74: * > 75: * <p>An MBean could possibly be a ClassLoader. Users who do not want an > 76: * MBean which could be a ClassLoader should not permit MBean > creation.</p> Maybe we should just refuse to create an MBean which is a ClassLoader for now (see further comments below) and handle that part in a dedicated PR. ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/22100#discussion_r1846876232
