1. 19

  2. 1

    Very detailed in-depth write-up!

    1. 1

      I’ve described JVM security as ‘defence in breadth’. It depends on a whole load of things where any bug in any of them can completely break the security. SecurityManager depends on String being immutable, for example, so a single-bit flip in a string can break it.