-
CSR
-
Resolution: Approved
-
P2
-
None
-
source, binary, behavioral
-
low
-
Java API
-
SE
Summary
Remove the deprecated pre-JDK 1.2 java.lang.SecurityManager
methods and fields that have been marked for removal in Java SE 9.
Problem
These methods and fields are only for use in SecurityManager
implementations prior to JDK 1.2. It is no longer necessary to retain support for pre-JDK 1.2 SecurityManager
implementations. Removing these methods will clean up the SecurityManager
class and eliminate the potential for them to be used incorrectly or insecurely.
Solution
Remove the following deprecated java.lang.SecurityManager methods and fields that have been marked with forRemoval=true in JDK 9: the inCheck
field, and the classDepth
, classLoaderDepth
, currentClassLoader
, currentLoadedClass
, getInCheck
, inClass
, and inClassLoader
methods.
Also, change the checkMemberAccess
method to throw SecurityException
if the caller has not been granted AllPermission
as this method is error-prone and users should instead invoke checkPermission
directly. The checkMemberAccess
method was deprecated in JDK 8 and marked for removal in 9, but we feel it is too early to remove it. Changing the behavior as noted eliminates the risk that it will be used incorrectly (and unsafely).
Specification
See 8186535-webrev.zip attachment.
- csr of
-
JDK-8186535 Remove deprecated pre-1.2 SecurityManager methods and fields
- Resolved