Where would be a good place to do that sort of surveying? The mechanism does not seem to be that popular in open source software ( though that does make a degree of sense ), or at least the software grep.app scans
https://grep.app/search?q=permission.getName%28%29.startsWith%28%22exitVM%22%29 On Mon, Feb 28, 2022 at 9:05 AM Alan Bateman <alan.bate...@oracle.com> wrote: > On 26/02/2022 22:14, Ethan McCue wrote: > > I have a feeling this has been considered and I might just be > articulating > > the obvious - but: > > > > As called out in JEP 411, one of the remaining legitimate uses of the > > Security Manager is to intercept calls to System.exit. This seems like a > > decent use case for the Scope Local mechanism. > > > I think it was mostly convenience to use the SM to intercept calls to > System.exit as it's not really security when all other permissions are > granted. > > There have been a few prototypes of APIs in this area but none made to > the level of a good proposal. Using a SL or even TL set/remove is > interesting but you might want to survey some of the existing usages to > see if they are really stack confined. At least some of the uses have > been container applications with plugins that accidentally call > System.exit when running code not intended to run that way. I don't > think there is any guarantee that they run completely in the same thread > but some may do. > > -Alan >
