On 21/11/2017 00:48, David Lloyd wrote:
One thing that springs to mind. Some allowance would have to be made
for domain combiners and JAAS Subject propagation: this mechanism also
uses access control contexts, to its own great detriment.
Are you thinking about usages where there is no security manager but
AccessController.checkPermission is still used to check permissions?
:
Anyway I never got a chance to prototype this, but it might be a fun
option worth exploring. I found the idea of moving this stuff all to
user space to be very appealing (due in no small part to the idea that
it could potentially be examined and analyzed by a much larger
audience, being Java code). It also hints at the possibility of a
fully "user space" replacement of the security manager concept (much
of the remaining cost lives in the structure of AccessControlContext,
which is based on an array of ProtectionDomain objects; this is
definitely non-ideal and could possibly be hidden behind a smarter
abstraction).
In terms of performance the main interest here is the "no security
manager" case. If you have prototypes that moving the stack walking and
help the security manager case then I expect the folks here will be
interested.
-Alan
