***** Would you support a requirement to be able to run
***** applications with a restricted set of permissions?
From a PaaS point of view this is a valuable feature. I highly
recommend to keep an eye on the developer usability for this. To me
this sounds like we could end up with a couple of different security
settings for every PaaS vendor and depending on the target platform
your app (incl. frameworks) will run or not. Can we make an addition,
that the permissions shouldn't restrict Java EE features as defined in
the spec? Would that make sense?
[javaee-spec users] [jsr342-experts] Re: security manager requirements in Java EE
|Jason T. Greene||03/09/2012|