current position:Home>Changes of the times! Openjdk 17 plans to discard and remove the security manager feature

Changes of the times! Openjdk 17 plans to discard and remove the security manager feature

2022-01-27 00:59:24 Programming China News

To promote Java Move forward ,OpenJDK 17 Intend to abandon Its security manager (Security Manager) function , In order to work with old small applications API ( JEP 398 ) Delete... Together .

The safety manager function can be traced back to Java 1.0, When we use a push-button phone or Nokia Web Download from the browser Java Game apps (Applet) Era , The security manager runs small games in the sandbox , Thus denying it access to resources such as file system or network , Protect the security of our devices and the privacy of our data . Safety manager All operations involving access to trusted code resources will be approved , But refuse access to trusted code resources .

But as times change and Java The proliferation of Libraries , The security manager has become powerful, not from the heart , Along with carrying Android The popularity of smart phones ,Java The platform no longer supports the format of small applications , The environment used by security manager has become less . these years , It hasn't been protecting clients Java The main means of code , It is also rarely used to protect server-side code .

Three crimes of Safety Manager :

  • Fragile permission model

The security manager must grant the application all the permissions it needs to perform the operation , Partial security access control is not possible . for example , Users are worried about illegal access to data , Therefore, the security manager is required to grant the application the permission to read files only from a specific directory , But it's not enough to just read the file , Because the application will definitely use Java In addition to reading files, other operations in the class library ( For example, write a file ), These other operations will be rejected by the Security Manager .

  • Difficult programming model

The security manager checks all code permissions for one operation , Approve safety sensitive operations by decision , Makes it difficult to write libraries that run with the Security Manager , Because library developers don't record all the permissions required for their library code .

  • Poor performance

The core of security manager is a complex access control algorithm , This usually results in an unacceptable loss of performance . therefore , By default , For... Running on the command line JVM, The security manager is always disabled .

For all these reasons , The function of witnessing the development history of mobile devices is about to change from Java Remove , Key phone and its Java Small apps are gone with the years .

( writing / Open source in China )    

copyright notice
author[Programming China News],Please bring the original link to reprint, thank you.

Random recommended