On Fri, 15 Nov 2024 16:21:10 GMT, Eirik Bjørsnøs <eir...@openjdk.org> wrote:
>> It's fine now: previously user defined security manager was effectively >> loading user code that uses java.lang.invoke, now users cannot specify >> security managers, so this problem does not exist any more. > > @liach Does this mean we can/should use `System.getProperty` here? VM saved props is still better imo as user code cannot tamper it with System.setProperty. ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/22141#discussion_r1844132661
