> 2022年11月8日 00:24,Mark Thomas <ma...@apache.org> 写道:
>
> Hi,
>
> BZ 66294 [1] highlights the performance impact in Tomcat of some additional
> SecurityManager checks that were added to avoid AccessControlException when
> using the EL API JAR outside of Tomcat.
>
> Details of the performance impact are in the bug report.
>
> I think we have a few options here.
>
> 1. Assume Tomcat 11 will remove the SecurityManager. No nothing for now and
> advise the reporter to move to Tomcat 11 when available.
>
> 2. Do nothing.
>
> 3. Disable this check by default and an option (it will have to be a system
> property) to enable it.
>
> 4. Something else.
>
> Thoughts?
>
> I am currently leaning towards 3 given that the performance impact is
> noticeable and that the check isn't required in normal usage.
+1
Han
>
> Mark
>
>
> [1] https://bz.apache.org/bugzilla/show_bug.cgi?id=66294
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
