I've seen some Java application launcher scripts like this:java -Djava.security.policy=security.policy Main
It works fine but the SecurityManager is not installed, despite the presence of java.security.policy system property. It is unclear whether the author intends to install a SecurityManager or not. The point is, Java security design allows the separation of enabling the SecurityManager and security requirements. Therefore,
- To run with SecurityManager and default Java security policy, which is
$JAVA_HOME/jre/lib/security/java.policy:java -Djava.security.manager Main - To run with SecurityManager and only your custom security policy (ignoring default java security policy):
java -Djava.security.manager -Djava.security.policy==security.policy Main - To run with SecurityManager and default java security policy first, then your custom security policy:
java -Djava.security.manager -Djava.security.policy=security.policy Main - If you don't want a SecurityManager, then simply leave out java.security.policy to avoid any confusion.