On 03/04/2013 09:35 AM, Anil Saldhana wrote:
> The reason why we had package level securityactions/privileged blocks
> was mainly to provision the permissions down to the package level (if
> need be). Having singleton classes representing priv blocks may be ok
> for AS core code. However, how do we prevent applications from using these
> singleton priv blocks?

No need to do so - the application still has to use doPrivileged from
their own code base. All we do is provide an object to give to it, to
avoid redundant classes from being defined and object instances from
being created. IOW there's no security risk that didn't already exist.
That said, this API is private (aka not supported by us for external
use), so we're free to change it or remove it at any time if we need to.
--
- DML
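
The pattern discussed in this thread, as an added example that is not part of the original message or of the AS code base: one shared, stateless `PrivilegedAction` instance replaces per-package SecurityActions classes, while the `doPrivileged` call stays in the caller's own class. The class names `CallerCode` and `GetContextClassLoaderAction` are hypothetical.

```java
import java.security.AccessController;
import java.security.PrivilegedAction;

// Hypothetical caller; in the thread's scenario this could be application code.
final class CallerCode {

    static ClassLoader currentContextClassLoader() {
        // The doPrivileged call is made from this class. The permission
        // check walks the stack down to and including this frame, so this
        // class's protection domain must itself hold the permission.
        // Borrowing the shared action object grants nothing extra.
        return AccessController.doPrivileged(
                GetContextClassLoaderAction.getInstance());
    }

    public static void main(String[] args) {
        System.out.println(currentContextClassLoader());
    }
}

// Hypothetical shared action: a single instance, no per-call allocation and
// no duplicate SecurityActions class in every package.
final class GetContextClassLoaderAction implements PrivilegedAction<ClassLoader> {

    private static final GetContextClassLoaderAction INSTANCE =
            new GetContextClassLoaderAction();

    private GetContextClassLoaderAction() {
    }

    static GetContextClassLoaderAction getInstance() {
        return INSTANCE;
    }

    // Stateless: holds no references and accepts no caller-supplied input,
    // so sharing the instance between callers exposes nothing by itself.
    @Override
    public ClassLoader run() {
        return Thread.currentThread().getContextClassLoader();
    }
}
```

`AccessController` is deprecated for removal since Java 17, so this compiles with deprecation warnings on current JDKs.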