Thanks for the quick response and for the pointer to
https://bugs.openjdk.java.net/browse/JDK-8203316
The change in the default value of java.security.manager prevents Derby
from installing a SecurityManager when the user forgets to. This
increases Derby's attack surface, significantly in my
On 11/18/21 1:22 PM, Rick Hillegas wrote:
Here's the output I get when I run that program against 18-ea+23-1525
WITHOUT setting java.security.manager on the boot command line:
Exception in thread "main" java.lang.UnsupportedOperationException: The
Security Manager is deprecated and will be
Re-sending from the account linked to my security-dev subscription
Forwarded Message
Build 18-ea+23-1525 has introduced another hurdle for applications which
use the SecurityManager. In order to install a SecurityManager, you now
have to set -Djava.security.manager=allow
Build 18-ea+23-1525 has introduced another hurdle for applications which
use the SecurityManager. In order to install a SecurityManager, you now
have to set -Djava.security.manager=allow on the boot command line. This
property cannot be set programatically, unlike the other system
properties