[
https://issues.apache.org/jira/browse/DERBY-7138?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17516505#comment-17516505
]
ASF subversion and git services commented on DERBY-7138:
--------------------------------------------------------
Commit 1899535 from Richard N. Hillegas in branch 'code/trunk'
[ https://svn.apache.org/r1899535 ]
DERBY-7138: Remove tests which just exercise the SecurityManager; commit
derby-7138-03-aa-removePermissionsTests.diff.
> Remove references to the Java Security Manager
> ----------------------------------------------
>
> Key: DERBY-7138
> URL: https://issues.apache.org/jira/browse/DERBY-7138
> Project: Derby
> Issue Type: Task
> Components: Build tools, Documentation
> Affects Versions: 10.16.0.0
> Reporter: Richard N. Hillegas
> Assignee: Richard N. Hillegas
> Priority: Major
> Attachments:
> derby-7138-01-aa-removeSecurityManagerFromOldHarnessTests.diff,
> derby-7138-02-ab-moveMethodsToTestConfiguration.diff,
> derby-7138-03-aa-removePermissionsTests.diff
>
>
> The Open JDK team has deprecated the Java Security Manager and indicated that
> it will be removed in a future release of Java. See
> https://openjdk.java.net/jeps/411. In an email thread titled "protecting
> security-sensitive operations on multi-tenant servers" on the
> [email protected] mailing list, Alan Bateman indicated that
> developers should containerize their applications instead.
> This issue tracks work needed to remove Derby's references to the Java
> Security Manager.
> At a minimum, the following work needs to be done:
> o The tests should be adjusted so that they don't install a SecurityManager.
> o References to the SecurityManager should be removed from product code.
> o We should remove the SecurityManager section of the Derby Security Guide.
> In its place, we should recommend that developers containerize their Derby
> applications.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
