Bug 66540 - JDK18 SecurityManager fix in ant script does not work with direct invocation of ant Main
Summary: JDK18 SecurityManager fix in ant script does not work with direct invocation ...
Status: RESOLVED FIXED
Alias: None
Product: Ant
Classification: Unclassified
Component: Core (show other bugs)
Version: 1.10.13
Hardware: All Linux
: P2 critical with 1 vote (vote)
Target Milestone: 1.10.14
Assignee: Ant Notifications List
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2023-03-22 20:02 UTC by stephen.felts@oracle.com
Modified: 2023-08-12 06:43 UTC (History)
1 user (show)


Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description stephen.felts@oracle.com 2023-03-22 20:02:13 UTC 
The current fix for invoking setSecurityManager in ant is to add 
-Djava.security.manager=allow to the ant script.
I know there are several bugs related to this already.
This also doesn't work for direct invocation of ant using
org.apache.tools.ant.Main.
ant should be changed to not call setSecurityManager on JDK18 or higher.
Comment 1 Jaikiran Pai 2023-03-23 05:52:39 UTC 
Hello Stephen, thank you for filing this. This helps keep track of all the issues we are currently seeing with the latest Ant release. As you note, Ant will have to stop setting the SecurityManager going forward.
Comment 2 Jaikiran Pai 2023-08-12 06:43:07 UTC 
I've reverted the changes we had done in Ant 1.10.13 to try and keep continuing to use SecurityManager. Those introduced more issues than providing any value. With the upcoming release of Ant, it will no longer use/support Java SecurityManager when Ant is used in Java 18+ versions. This should get us past all these issues.

It would be very helpful if you could try out our nightly build which contains these fixes and see if it helps you with this issue https://ci-builds.apache.org/job/Ant/job/Ant_Nightly/lastSuccessfulBuild/artifact/distribution/