Discuss JEP 411

JEP 411 is named "Deprecate the Security Manager for Removal". A non-goal is to provide an alternative.

Discuss Now
Stop Duke logo

Why the Security Manager

Sheep

Our Mission

The JVM offers a lot of capabilities: make network calls, compile code on the fly, run code on the fly, etc. Your application probably doesn't need all of this. Hence, for an attacker, they just represent a welcome attack surface. The Security Manager is the way to apply the least privilege principle to reduce this attack surface via a configuration file. JEP 411 aims to deprecate then later remove the Security Manager with no replacement. Don't be a sheep, fight against this JEP!

The ultimate measure of a sheep is not where he stands in moments of comfort and convenience, but where he stands at times of challenge and controversy.

Wooly Wooly McBaa

Join us

Join our interest group hear the latest news and progress in our fight for the Security Manager.

/r/jep411/

Updates

Add Update

April 21, 2021

Principles of Containment

General claim: The thing doing the containing can see the component it is containing. The latter really only suspects it is contained, and cannot casually reach the container to interact with it explicitly, unless the container configured it to do so. Thus, there is an implicit sandboxing at each container/contained boundary. When we say each container/contained boundary I suggest that these should be nestable and each contained item be further restricted without knowledge of its nesting depth.

Edit Update

April 18, 2021

Simple pure Java demo of security managers

We added a simple pure Java demo of a custom security manager and a class loader hierarchy. Buildable project here

Edit Update

Template by CloudCannon