Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8200185

Remove terminally deprecated SecurityManager APIs

    Details

    • Type: CSR
    • Status: Closed
    • Priority: P3
    • Resolution: Approved
    • Fix Version/s: 11
    • Component/s: security-libs
    • Labels:
      None
    • Subcomponent:
    • Compatibility Kind:
      source, binary
    • Compatibility Risk:
      low
    • Compatibility Risk Description:
      Hide
      I have evaluated usages from a large number of Maven projects. There are 13 projects that include custom SecurityManagers which override one or more of these methods. 8 of these use the @Override annotation or invoke the method directly or using super. Most of these overrides are simple: they either delegate to the installed SM or pass/fail by default, so they should be able to remove the overrides with minimal side-effects. There are also a couple of projects that still call checkSystemClipboardAccess but that can be easily replaced with checkPermission(AWTPermission("accessClipboard")).

      So, overall, I believe the risk is fairly low.
      Show
      I have evaluated usages from a large number of Maven projects. There are 13 projects that include custom SecurityManagers which override one or more of these methods. 8 of these use the @Override annotation or invoke the method directly or using super. Most of these overrides are simple: they either delegate to the installed SM or pass/fail by default, so they should be able to remove the overrides with minimal side-effects. There are also a couple of projects that still call checkSystemClipboardAccess but that can be easily replaced with checkPermission(AWTPermission("accessClipboard")). So, overall, I believe the risk is fairly low.
    • Interface Kind:
      Java API
    • Scope:
      SE

      Description

      Summary

      Remove the terminally deprecated java.lang.SecurityManager methods that have been marked for removal since Java SE 9: checkTopLevelWindow, checkSystemClipboardAccess, checkAwtEventQueueAccess, and checkMemberAccess.

      Problem

      In Java SE 9, these methods were marked for removal as part of JDK-8145468. Also in Java SE 9, the first three methods were re-specified to check AllPermission by JDK-8029886, and in Java SE 10 checkMemberAccess was changed to check AllPermission by JDK-8186535. These methods no longer have any benefit, and removing them will follow through on the the plan to remove them.

      Solution

      Remove the following deprecated java.lang.SecurityManager methods that have been marked with forRemoval=true since JDK 9: checkTopLevelWindow, checkSystemClipboardAccess, checkAwtEventQueueAccess, and checkMemberAccess.

      Specification

      See the attached specdiff 8193032-specdiff.00.zip.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                mullan Sean Mullan
                Reporter:
                smarks Stuart Marks
                Reviewed By:
                Alan Bateman, Mandy Chung
              • Votes:
                0 Vote for this issue
                Watchers:
                5 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: