JDK-8301118 : Ignore allow and disallow options for java.security.manager System Property
  • Type: Enhancement
  • Component: security-libs
  • Sub-Component: java.security
  • Affected Version: 7,8,11
  • Priority: P3
  • Status: Resolved
  • Resolution: Fixed
  • Submitted: 2023-01-25
  • Updated: 2024-11-05
  • Resolved: 2023-06-06
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 11
11.0.21-oracle b01Fixed
Related Reports
CSR :  
JDK-8301251 - Ignore allow and disallow options for java.security.manager System Property
Relates :  
JDK-8191053 - Provide a mechanism to make system's security manager immutable
Sub Tasks
JDK-8309704 :  
Release Note: Ignore Allow and Disallow Options for `java.security.manager` System Property - Resolved
Description
In JDK 12, we introduced two new token options for the java.security.manager system property ("allow" and "disallow").

Many applications/frameworks are designed to run on multiple JDKs and for those that enable the SecurityManager at runtime via System.setSecurityManager they have to specify the "allow" option as of JDK 18. However, these applications would also prefer to use the same command line across multiple versions of the JDK, especially if it is not known what JDK version a user will use.

But on JDK versions earlier than JDK 12,  if these options are specified,  the runtime attempts to load a SecurityManager implementation with the classname of "allow" or "disallow", which results in an Error and the application will not start up.

Some applications have worked around this by creating a custom SecurityManager named "allow" that once enabled, immediately uninstalls itself, but this workaround is awkward and should not be necessary.

Instead, we should update supported JDK versions prior to JDK 12 to simply ignore these options if they are specified.

There may be an extremely small compatibility risk that someone may have named a legitimate SecurityManager implementation "allow" or "disallow". We could consider first trying to load an SM implementation, and then falling back to ignoring the option, but it is probably not necessary as classes that don't start with a capital letter are rare and discouraged.
Comments
[jdk11u-fix-request] Approval Request from Dmitry Cherepanov Proposing the change for parity with Oracle (fixed in 11.0.21-oracle). The change isn't a backport change and implemented according to the description of the issue. New allow/disallow options for the java.security.manager system property should be ignored in JDK11.
05-11-2024
A pull request was submitted for review. Branch: master URL: https://git.openjdk.org/jdk11u-dev/pull/2932 Date: 2024-09-06 11:13:21 +0000
06-09-2024