ant-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stefan Bodewig <bode...@apache.org>
Subject Re: Impact of Java SecurityManager being deprecated for removal post Java 17
Date Thu, 19 Aug 2021 07:45:19 GMT
On 2021-08-05, Jaikiran Pai wrote:

> Ant project will be impacted by this. Ant provides a "permissions"
> type[1] whose whole goal is to integrate with the Java SecurityManager
> to allow users to configure the necessary security permissions. With
> the SecurityManager and the APIs potentially gone after Java 17, we
> can no longer support this. One additional point to note here is that,
> Ant also uses the SecurityManager APIs even when "permissions" type is
> not involved, at least in the "java" task and the "junit" task, where
> we setup a SecurityManager with very minimal permissions.

At a cursory glance I only see JUnitTask and ExecuteJava deal with the
SecurityManager if permissions have been defined. Where else do we use
one?

For permissions something like the apprach we've taken for other removed
parts (rmi, javah) may work. We detect they are no longer supported at
runtime and fail the build if it tries to use it. For tools lik rmic or
javah this has been simple as we either started a new process or didn't
have any compile time dependencies for other reasons.

We could conditionally not compile the permissions stuff, which would
mean you'd need an "old" JDK to build the Ant distribution at one point
in time. This may be acceptable until 17 runs out of its LTS support
time. One migration option might be to offer an antlib containing the
permissions stuff and deprecate the core types - and remove them from
core once the next Java LTS version without SecurityManager arrives.

Stefan

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ant.apache.org
For additional commands, e-mail: dev-help@ant.apache.org


Mime
View raw message