On Wed, 20 Nov 2024 14:37:54 GMT, Kevin Walls <kev...@openjdk.org> wrote:
>> Remove redundant SecurityManager, AccessController references >> (following on from JDK-8338411: Implement JEP 486: Permanently Disable the >> Security Manager). > > Kevin Walls has updated the pull request incrementally with two additional > commits since the last revision: > > - Remove checkPackageAccess calls > - Remove Util.check... calls Maybe follow-up, but can you check the usage of ReflectUtil.forName in MBeanServerFactory.loadBuilderClass. It looks like it wants to try the boot loader when the CCL is not set, in which case this can be changed to use the 3-arg forName a loader of null. If we can make this go away then I think it may be the last usage of ReflectUtil by the java.management module. It would be nice if we could make the qualified export of sun.reflect.misc to java.management go away if we can. ------------- PR Comment: https://git.openjdk.org/jdk/pull/22100#issuecomment-2488771956
