> On Jul 1, 2016, at 8:23 AM, Daniel Fuchs <daniel.fu...@oracle.com> wrote: > > On 01/07/16 16:19, Mandy Chung wrote: >>> I'd prefer to keep the doPrivileged in LogManager so that >>> > Logger.mergeWithSystemLogger can call checkpermission(). >>> > >>> > From a conceptual point of view it's only when calling >>> > this method from LogManager that we want to be privileged, >>> > even though the method is package private and only called >>> > from LogManager… >> Why is this extra checkPermission necessary? > > Because we're importing an application logger configuration > inside a system logger. Although the method can't be called > from outside the package I'd prefer to keep the permission > check in there. Also it's better to do it up front than > having it fail midway when we later call addHandler or > setLevel.
I think the additional check is unecessary but it’s harmless if you prefre to keep that. Ship it. Mandy