Hi, On Thu, Feb 17, 2022 at 5:45 PM Bowes, David <d.h.bo...@lancaster.ac.uk> wrote:
> Your argument follows ’10,000 lemmings can’t be wrong’.... > I didn't mean to say that the 10k lemmings are right. What I was trying to say is that the JDK team was making a tool that 10k-1 lemmings are not using. So for the 1 lemming who is using the tool as intended, the costs of maintaining it are seemingly too high. Kind regards, Arjan > > > David > > > > > > > ------------------------------ > *From:* arjan tijms <arjan.ti...@gmail.com> > *Sent:* Thursday, February 17, 2022 1:29:04 PM > *To:* Bowes, David <d.h.bo...@lancaster.ac.uk> > *Cc:* security-dev@openjdk.java.net <security-dev@openjdk.java.net> > *Subject:* [External] Re: deprecation of SecurityManager JEP 411 > > > *This email originated outside the University. Check before clicking links > or attachments.* > Hi, > > On Wed, Feb 16, 2022 at 6:24 PM Bowes, David <d.h.bo...@lancaster.ac.uk> > wrote: > > I used the SecurityManger with great success to protect against Log4JShell. > > > > [...] I would suggest that the SecurityManager does protect me from > singinficant threats. > > > While I don't disagree with you entirely, the problem is that seemingly > almost nobody actually uses the security manager to protect against things > like Log4JShell. The proof is in the pudding. If the security manager > indeed protected against that in practice to a sufficient degree, then > Log4JShell wouldn't have been a problem at all, would it? Yet it was, and > the security manager is still there at the moment. > > I understand one could argue that without the security manager the impact > of Log4JShell would have been even bigger, but I've not seen any evidence > stating that. > > Given the way Java is now predominantly used, I think a better choice > might be to have the Java applications run on virtual servers that restrict > at that virtual server level which domains and IPs outgoing traffic may > connect to. > > Finally, I think nobody is saying there is no value at all in the security > manager, but just that the amount of work required to maintain it vs the > practical benefits are non-optimal, at least with the current way the > security manager and its permissions and policies work. > > Kind regards, > Arjan Tijms > > > > >
