8154231: Simplify access to System properties from JDK code

Reviewed-by: rriggs, chegar, weijun

jdk/src/java.base/linux/classes/sun/nio/fs/LinuxFileSystemProvider.java

@@ -102,8 +102,8 @@ public class LinuxFileSystemProvider extends UnixFileSystemProvider {
 
     @Override
     FileTypeDetector getFileTypeDetector() {
-        Path userMimeTypes = Paths.get(AccessController.doPrivileged(
+        String userHome = GetPropertyAction.getProperty("user.home");
-            new GetPropertyAction("user.home")), ".mime.types");
+        Path userMimeTypes = Paths.get(userHome, ".mime.types");
         Path etcMimeTypes = Paths.get("/etc/mime.types");
 
         return chain(new GioFileTypeDetector(),

jdk/src/java.base/macosx/classes/sun/nio/ch/KQueueArrayWrapper.java

@@ -32,9 +32,9 @@
 package sun.nio.ch;
 
 import java.io.IOException;
-import java.io.FileDescriptor;
 import java.util.Iterator;
 import java.util.LinkedList;
+import sun.security.action.GetPropertyAction;
 
 /*
  * struct kevent {           // 32-bit    64-bit
@@ -84,10 +84,8 @@ class KQueueArrayWrapper {
     static {
         IOUtil.load();
         initStructSizes();
-        String datamodel = java.security.AccessController.doPrivileged(
+        String datamodel = GetPropertyAction.getProperty("sun.arch.data.model");
-            new sun.security.action.GetPropertyAction("sun.arch.data.model")
+        is64bit = "64".equals(datamodel);
-        );
-        is64bit = datamodel.equals("64");
     }
 
     KQueueArrayWrapper() {

jdk/src/java.base/macosx/classes/sun/nio/fs/MacOSXFileSystemProvider.java

@@ -28,7 +28,6 @@ package sun.nio.fs;
 import java.nio.file.Path;
 import java.nio.file.Paths;
 import java.nio.file.spi.FileTypeDetector;
-import java.security.AccessController;
 import sun.security.action.GetPropertyAction;
 
 /**
@@ -47,8 +46,8 @@ public class MacOSXFileSystemProvider extends BsdFileSystemProvider {
 
     @Override
     FileTypeDetector getFileTypeDetector() {
-        Path userMimeTypes = Paths.get(AccessController.doPrivileged(
+        Path userMimeTypes = Paths.get(
-            new GetPropertyAction("user.home")), ".mime.types");
+            GetPropertyAction.getProperty("user.home"), ".mime.types");
 
         return chain(new MimeTypesFileTypeDetector(userMimeTypes),
                      new UTIFileTypeDetector());

jdk/src/java.base/share/classes/java/io/File.java

@@ -31,7 +31,6 @@ import java.net.MalformedURLException;
 import java.net.URISyntaxException;
 import java.util.List;
 import java.util.ArrayList;
-import java.security.AccessController;
 import java.security.SecureRandom;
 import java.nio.file.Path;
 import java.nio.file.FileSystems;
@@ -1896,8 +1895,8 @@ public class File
         private TempDirectory() { }
 
         // temporary directory location
-        private static final File tmpdir = new File(AccessController
+        private static final File tmpdir = new File(
-            .doPrivileged(new GetPropertyAction("java.io.tmpdir")));
+                GetPropertyAction.getProperty("java.io.tmpdir"));
         static File location() {
             return tmpdir;
         }

jdk/src/java.base/share/classes/java/lang/ProcessBuilder.java

@@ -30,13 +30,12 @@ import java.io.FileDescriptor;
 import java.io.IOException;
 import java.io.InputStream;
 import java.io.OutputStream;
-import java.nio.channels.Pipe;
 import java.util.Arrays;
 import java.util.ArrayList;
 import java.util.List;
 import java.util.Map;
-import java.security.AccessController;
+import sun.security.action.GetPropertyAction;
-import java.security.PrivilegedAction;
+
 /**
  * This class is used to create operating system processes.
  *
@@ -468,11 +467,9 @@ public final class ProcessBuilder
      * @since 1.7
      */
     public abstract static class Redirect {
-        private static final File NULL_FILE = AccessController.doPrivileged(
+        private static final File NULL_FILE = new File(
-                (PrivilegedAction<File>) () -> {
+                (GetPropertyAction.getProperty("os.name")
-                    return new File((System.getProperty("os.name")
+                        .startsWith("Windows") ? "NUL" : "/dev/null")
-                            .startsWith("Windows") ? "NUL" : "/dev/null"));
-                }
         );
 
         /**

jdk/src/java.base/share/classes/java/lang/StackStreamFactory.java

@@ -30,8 +30,6 @@ import java.lang.StackWalker.StackFrame;
 
 import java.lang.annotation.Native;
 import java.lang.reflect.Method;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
 import java.util.HashSet;
 import java.util.NoSuchElementException;
 import java.util.Objects;
@@ -41,6 +39,7 @@ import java.util.function.Consumer;
 import java.util.function.Function;
 import java.util.stream.Stream;
 import java.util.stream.StreamSupport;
+import sun.security.action.GetPropertyAction;
 
 import static java.lang.StackStreamFactory.WalkerState.*;
 
@@ -990,14 +989,9 @@ final class StackStreamFactory {
     }
 
     private static boolean getProperty(String key, boolean value) {
-        String s = AccessController.doPrivileged(new PrivilegedAction<>() {
+        String s = GetPropertyAction.getProperty(key);
-            @Override
-            public String run() {
-                return System.getProperty(key);
-            }
-        });
         if (s != null) {
-            return Boolean.valueOf(s);
+            return Boolean.parseBoolean(s);
         }
         return value;
     }

jdk/src/java.base/share/classes/java/lang/invoke/InnerClassLambdaMetafactory.java

@@ -88,8 +88,7 @@ import static jdk.internal.org.objectweb.asm.Opcodes.*;
 
     static {
         final String key = "jdk.internal.lambda.dumpProxyClasses";
-        String path = AccessController.doPrivileged(
+        String path = GetPropertyAction.getProperty(key);
-                new GetPropertyAction(key));
         dumper = (null == path) ? null : ProxyClassesDumper.getInstance(path);
     }
 

jdk/src/java.base/share/classes/java/lang/invoke/MethodHandleStatics.java

@@ -25,9 +25,9 @@
 
 package java.lang.invoke;
 
-import java.security.AccessController;
+import java.util.Properties;
-import java.security.PrivilegedAction;
 import jdk.internal.misc.Unsafe;
+import sun.security.action.GetPropertyAction;
 
 /**
  * This class consists exclusively of static names internal to the
@@ -53,32 +53,27 @@ import jdk.internal.misc.Unsafe;
     static final boolean VAR_HANDLE_GUARDS;
 
     static {
-        final Object[] values = new Object[10];
+        Properties props = GetPropertyAction.getProperties();
-        AccessController.doPrivileged(new PrivilegedAction<>() {
+        DEBUG_METHOD_HANDLE_NAMES = Boolean.parseBoolean(
-                public Void run() {
+                props.getProperty("java.lang.invoke.MethodHandle.DEBUG_NAMES"));
-                    values[0] = Boolean.getBoolean("java.lang.invoke.MethodHandle.DEBUG_NAMES");
+        DUMP_CLASS_FILES = Boolean.parseBoolean(
-                    values[1] = Boolean.getBoolean("java.lang.invoke.MethodHandle.DUMP_CLASS_FILES");
+                props.getProperty("java.lang.invoke.MethodHandle.DUMP_CLASS_FILES"));
-                    values[2] = Boolean.getBoolean("java.lang.invoke.MethodHandle.TRACE_INTERPRETER");
+        TRACE_INTERPRETER = Boolean.parseBoolean(
-                    values[3] = Boolean.getBoolean("java.lang.invoke.MethodHandle.TRACE_METHOD_LINKAGE");
+                props.getProperty("java.lang.invoke.MethodHandle.TRACE_INTERPRETER"));
-                    values[4] = Integer.getInteger("java.lang.invoke.MethodHandle.COMPILE_THRESHOLD", 0);
+        TRACE_METHOD_LINKAGE = Boolean.parseBoolean(
-                    values[5] = Integer.getInteger("java.lang.invoke.MethodHandle.DONT_INLINE_THRESHOLD", 30);
+                props.getProperty("java.lang.invoke.MethodHandle.TRACE_METHOD_LINKAGE"));
-                    values[6] = Integer.getInteger("java.lang.invoke.MethodHandle.PROFILE_LEVEL", 0);
+        COMPILE_THRESHOLD = Integer.parseInt(
-                    values[7] = Boolean.parseBoolean(System.getProperty("java.lang.invoke.MethodHandle.PROFILE_GWT", "true"));
+                props.getProperty("java.lang.invoke.MethodHandle.COMPILE_THRESHOLD", "0"));
-                    values[8] = Integer.getInteger("java.lang.invoke.MethodHandle.CUSTOMIZE_THRESHOLD", 127);
+        DONT_INLINE_THRESHOLD = Integer.parseInt(
-                    values[9] = Boolean.parseBoolean(System.getProperty("java.lang.invoke.VarHandle.VAR_HANDLE_GUARDS", "true"));
+                props.getProperty("java.lang.invoke.MethodHandle.DONT_INLINE_THRESHOLD", "30"));
-                    return null;
+        PROFILE_LEVEL = Integer.parseInt(
-                }
+                props.getProperty("java.lang.invoke.MethodHandle.PROFILE_LEVEL", "0"));
-            });
+        PROFILE_GWT = Boolean.parseBoolean(
-        DEBUG_METHOD_HANDLE_NAMES = (Boolean) values[0];
+                props.getProperty("java.lang.invoke.MethodHandle.PROFILE_GWT", "true"));
-        DUMP_CLASS_FILES          = (Boolean) values[1];
+        CUSTOMIZE_THRESHOLD = Integer.parseInt(
-        TRACE_INTERPRETER         = (Boolean) values[2];
+                props.getProperty("java.lang.invoke.MethodHandle.CUSTOMIZE_THRESHOLD", "127"));
-        TRACE_METHOD_LINKAGE      = (Boolean) values[3];
+        VAR_HANDLE_GUARDS = Boolean.parseBoolean(
-        COMPILE_THRESHOLD         = (Integer) values[4];
+                props.getProperty("java.lang.invoke.VarHandle.VAR_HANDLE_GUARDS", "true"));
-        DONT_INLINE_THRESHOLD     = (Integer) values[5];
-        PROFILE_LEVEL             = (Integer) values[6];
-        PROFILE_GWT               = (Boolean) values[7];
-        CUSTOMIZE_THRESHOLD       = (Integer) values[8];
-        VAR_HANDLE_GUARDS         = (Boolean) values[9];
 
         if (CUSTOMIZE_THRESHOLD < -1 || CUSTOMIZE_THRESHOLD > 127) {
             throw newInternalError("CUSTOMIZE_THRESHOLD should be in [-1...127] range");

jdk/src/java.base/share/classes/java/lang/invoke/StringConcatFactory.java

@@ -33,7 +33,6 @@ import jdk.internal.vm.annotation.ForceInline;
 import jdk.internal.misc.Unsafe;
 
 import java.lang.invoke.MethodHandles.Lookup;
-import java.security.AccessController;
 import java.util.*;
 import java.util.concurrent.ConcurrentHashMap;
 import java.util.concurrent.ConcurrentMap;
@@ -188,14 +187,15 @@ public final class StringConcatFactory {
     private static final ProxyClassesDumper DUMPER;
 
     static {
-        final String strategy = AccessController.doPrivileged(
+        Properties props = GetPropertyAction.getProperties();
-                new GetPropertyAction("java.lang.invoke.stringConcat"));
+        final String strategy =
-        CACHE_ENABLE = Boolean.parseBoolean(AccessController.doPrivileged(
+                props.getProperty("java.lang.invoke.stringConcat");
-                new GetPropertyAction("java.lang.invoke.stringConcat.cache")));
+        CACHE_ENABLE = Boolean.parseBoolean(
-        DEBUG = Boolean.parseBoolean(AccessController.doPrivileged(
+                props.getProperty("java.lang.invoke.stringConcat.cache"));
-                new GetPropertyAction("java.lang.invoke.stringConcat.debug")));
+        DEBUG = Boolean.parseBoolean(
-        final String dumpPath = AccessController.doPrivileged(
+                props.getProperty("java.lang.invoke.stringConcat.debug"));
-                new GetPropertyAction("java.lang.invoke.stringConcat.dumpClasses"));
+        final String dumpPath =
+                props.getProperty("java.lang.invoke.stringConcat.dumpClasses");
 
         STRATEGY = (strategy == null) ? DEFAULT_STRATEGY : Strategy.valueOf(strategy);
         CACHE = CACHE_ENABLE ? new ConcurrentHashMap<>() : null;

jdk/src/java.base/share/classes/java/lang/module/ModuleFinder.java

@@ -39,6 +39,7 @@ import java.util.Optional;
 import java.util.Set;
 import java.util.stream.Collectors;
 import java.util.stream.Stream;
+import sun.security.action.GetPropertyAction;
 
 /**
  * A finder of modules. A {@code ModuleFinder} is used to find modules during
@@ -152,7 +153,7 @@ public interface ModuleFinder {
 
         SecurityManager sm = System.getSecurityManager();
         if (sm != null) {
-            PrivilegedAction<String> pa = () -> System.getProperty("java.home");
+            PrivilegedAction<String> pa = new GetPropertyAction("java.home");
             home = AccessController.doPrivileged(pa);
             Permission p = new FilePermission(home + File.separator + "-", "read");
             sm.checkPermission(p);

jdk/src/java.base/share/classes/java/lang/reflect/Proxy.java

@@ -50,6 +50,7 @@ import jdk.internal.misc.VM;
 import jdk.internal.reflect.CallerSensitive;
 import jdk.internal.reflect.Reflection;
 import sun.reflect.misc.ReflectUtil;
+import sun.security.action.GetPropertyAction;
 import sun.security.util.SecurityConstants;
 
 /**
@@ -581,11 +582,7 @@ public class Proxy implements java.io.Serializable {
         }
 
         private static final String DEBUG =
-            AccessController.doPrivileged(new PrivilegedAction<>() {
+                GetPropertyAction.getProperty("jdk.proxy.debug", "");
-                public String run() {
-                    return System.getProperty("jdk.proxy.debug", "");
-                }
-            });
 
         private static boolean isDebug() {
             return !DEBUG.isEmpty();

jdk/src/java.base/share/classes/java/net/AbstractPlainDatagramSocketImpl.java

@@ -31,6 +31,7 @@ import sun.net.ResourceManager;
 import java.util.Set;
 import java.util.HashSet;
 import java.util.Collections;
+import sun.security.action.GetPropertyAction;
 
 /**
  * Abstract datagram and multicast socket implementation base class.
@@ -51,9 +52,7 @@ abstract class AbstractPlainDatagramSocketImpl extends DatagramSocketImpl
     protected InetAddress connectedAddress = null;
     private int connectedPort = -1;
 
-    private static final String os = AccessController.doPrivileged(
+    private static final String os = GetPropertyAction.getProperty("os.name");
-        new sun.security.action.GetPropertyAction("os.name")
-    );
 
     /**
      * flag set if the native connect() call not to be used

jdk/src/java.base/share/classes/java/net/InetAddress.java

@@ -1123,8 +1123,8 @@ class InetAddress implements java.io.Serializable {
      */
     private static NameService createNameService() {
 
-        String hostsFileName = AccessController
+        String hostsFileName =
-                .doPrivileged(new GetPropertyAction("jdk.net.hosts.file"));
+                GetPropertyAction.getProperty("jdk.net.hosts.file");
         NameService theNameService;
         if (hostsFileName != null) {
             theNameService = new HostsFileNameService(hostsFileName);
@@ -1643,8 +1643,7 @@ class InetAddress implements java.io.Serializable {
          * property can vary across implementations of the java.
          * classes.  The default is an empty String "".
          */
-        String prefix = AccessController.doPrivileged(
+        String prefix = GetPropertyAction.getProperty("impl.prefix", "");
-                      new GetPropertyAction("impl.prefix", ""));
         try {
             impl = Class.forName("java.net." + prefix + implName).newInstance();
         } catch (ClassNotFoundException e) {

jdk/src/java.base/share/classes/java/net/SocksSocketImpl.java

@@ -33,6 +33,7 @@ import java.security.PrivilegedExceptionAction;
 import sun.net.SocksProxy;
 import sun.net.spi.DefaultProxySelector;
 import sun.net.www.ParseUtil;
+import sun.security.action.GetPropertyAction;
 /* import org.ietf.jgss.*; */
 
 /**
@@ -177,8 +178,7 @@ class SocksSocketImpl extends PlainSocketImpl implements SocksConsts {
                 userName = pw.getUserName();
                 password = new String(pw.getPassword());
             } else {
-                userName = java.security.AccessController.doPrivileged(
+                userName = GetPropertyAction.getProperty("user.name");
-                        new sun.security.action.GetPropertyAction("user.name"));
             }
             if (userName == null)
                 return false;
@@ -1088,8 +1088,7 @@ class SocksSocketImpl extends PlainSocketImpl implements SocksConsts {
                 userName = System.getProperty("user.name");
             } catch (SecurityException se) { /* swallow Exception */ }
         } else {
-            userName = java.security.AccessController.doPrivileged(
+            userName = GetPropertyAction.getProperty("user.name");
-                new sun.security.action.GetPropertyAction("user.name"));
         }
         return userName;
     }

jdk/src/java.base/share/classes/java/net/URL.java

@@ -42,6 +42,7 @@ import java.util.ServiceConfigurationError;
 import java.util.ServiceLoader;
 
 import sun.security.util.SecurityConstants;
+import sun.security.action.GetPropertyAction;
 
 /**
  * Class {@code URL} represents a Uniform Resource
@@ -1210,12 +1211,8 @@ public final class URL implements java.io.Serializable {
     }
 
     private static URLStreamHandler lookupViaProperty(String protocol) {
-        String packagePrefixList = java.security.AccessController.doPrivileged(
+        String packagePrefixList =
-                new PrivilegedAction<>() {
+                GetPropertyAction.getProperty(protocolPathProp);
-                    public String run() {
-                        return System.getProperty(protocolPathProp, null);
-                    }
-                });
         if (packagePrefixList == null) {
             // not set
             return null;

jdk/src/java.base/share/classes/java/net/URLConnection.java

@@ -43,6 +43,7 @@ import java.security.Permission;
 import java.security.AccessController;
 import sun.security.util.SecurityConstants;
 import sun.net.www.MessageHeader;
+import sun.security.action.GetPropertyAction;
 
 /**
  * The abstract class {@code URLConnection} is the superclass
@@ -1395,8 +1396,8 @@ public abstract class URLConnection {
      * is always the last one on the returned package list.
      */
     private String getContentHandlerPkgPrefixes() {
-        String packagePrefixList = AccessController.doPrivileged(
+        String packagePrefixList =
-            new sun.security.action.GetPropertyAction(contentPathProp, ""));
+                GetPropertyAction.getProperty(contentPathProp, "");
 
         if (packagePrefixList != "") {
             packagePrefixList += "|";

jdk/src/java.base/share/classes/java/net/URLEncoder.java

@@ -25,19 +25,12 @@
 
 package java.net;
 
-import java.io.ByteArrayOutputStream;
-import java.io.BufferedWriter;
-import java.io.OutputStreamWriter;
-import java.io.IOException;
 import java.io.UnsupportedEncodingException;
 import java.io.CharArrayWriter;
 import java.nio.charset.Charset;
 import java.nio.charset.IllegalCharsetNameException;
 import java.nio.charset.UnsupportedCharsetException ;
 import java.util.BitSet;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
-import sun.security.action.GetBooleanAction;
 import sun.security.action.GetPropertyAction;
 
 /**
@@ -140,9 +133,7 @@ public class URLEncoder {
         dontNeedEncoding.set('.');
         dontNeedEncoding.set('*');
 
-        dfltEncName = AccessController.doPrivileged(
+        dfltEncName = GetPropertyAction.getProperty("file.encoding");
-            new GetPropertyAction("file.encoding")
-        );
     }
 
     /**

jdk/src/java.base/share/classes/java/nio/charset/Charset.java

@@ -283,8 +283,8 @@ public abstract class Charset
         if (level == null) {
             if (!VM.isBooted())
                 return false;
-            bugLevel = level = AccessController.doPrivileged(
+            bugLevel = level =
-                new GetPropertyAction("sun.nio.cs.bugLevel", ""));
+                    GetPropertyAction.getProperty("sun.nio.cs.bugLevel", "");
         }
         return level.equals(bl);
     }
@@ -609,8 +609,7 @@ public abstract class Charset
     public static Charset defaultCharset() {
         if (defaultCharset == null) {
             synchronized (Charset.class) {
-                String csn = AccessController.doPrivileged(
+                String csn = GetPropertyAction.getProperty("file.encoding");
-                    new GetPropertyAction("file.encoding"));
                 Charset cs = lookup(csn);
                 if (cs != null)
                     defaultCharset = cs;

jdk/src/java.base/share/classes/java/nio/file/TempFileHelper.java

@@ -28,7 +28,6 @@ package java.nio.file;
 import java.util.Set;
 import java.util.EnumSet;
 import java.security.SecureRandom;
-import static java.security.AccessController.*;
 import java.io.IOException;
 import java.nio.file.attribute.FileAttribute;
 import java.nio.file.attribute.PosixFilePermission;
@@ -47,7 +46,7 @@ class TempFileHelper {
 
     // temporary directory location
     private static final Path tmpdir =
-        Paths.get(doPrivileged(new GetPropertyAction("java.io.tmpdir")));
+        Paths.get(GetPropertyAction.getProperty("java.io.tmpdir"));
 
     private static final boolean isPosix =
         FileSystems.getDefault().supportedFileAttributeViews().contains("posix");

jdk/src/java.base/share/classes/java/util/Locale.java

@@ -45,7 +45,6 @@ import java.io.ObjectInputStream;
 import java.io.ObjectOutputStream;
 import java.io.ObjectStreamField;
 import java.io.Serializable;
-import java.security.AccessController;
 import java.text.MessageFormat;
 import java.util.spi.LocaleNameProvider;
 
@@ -859,11 +858,10 @@ public final class Locale implements Cloneable, Serializable {
 
     private static Locale initDefault() {
         String language, region, script, country, variant;
-        language = AccessController.doPrivileged(
+        Properties props = GetPropertyAction.getProperties();
-            new GetPropertyAction("user.language", "en"));
+        language = props.getProperty("user.language", "en");
         // for compatibility, check for old user.region property
-        region = AccessController.doPrivileged(
+        region = props.getProperty("user.region");
-            new GetPropertyAction("user.region"));
         if (region != null) {
             // region can be of form country, country_variant, or _variant
             int i = region.indexOf('_');
@@ -876,27 +874,25 @@ public final class Locale implements Cloneable, Serializable {
             }
             script = "";
         } else {
-            script = AccessController.doPrivileged(
+            script = props.getProperty("user.script", "");
-                new GetPropertyAction("user.script", ""));
+            country = props.getProperty("user.country", "");
-            country = AccessController.doPrivileged(
+            variant = props.getProperty("user.variant", "");
-                new GetPropertyAction("user.country", ""));
-            variant = AccessController.doPrivileged(
-                new GetPropertyAction("user.variant", ""));
         }
 
         return getInstance(language, script, country, variant, null);
     }
 
     private static Locale initDefault(Locale.Category category) {
+        Properties props = GetPropertyAction.getProperties();
         return getInstance(
-            AccessController.doPrivileged(
+            props.getProperty(category.languageKey,
-                new GetPropertyAction(category.languageKey, defaultLocale.getLanguage())),
+                    defaultLocale.getLanguage()),
-            AccessController.doPrivileged(
+            props.getProperty(category.scriptKey,
-                new GetPropertyAction(category.scriptKey, defaultLocale.getScript())),
+                    defaultLocale.getScript()),
-            AccessController.doPrivileged(
+            props.getProperty(category.countryKey,
-                new GetPropertyAction(category.countryKey, defaultLocale.getCountry())),
+                    defaultLocale.getCountry()),
-            AccessController.doPrivileged(
+            props.getProperty(category.variantKey,
-                new GetPropertyAction(category.variantKey, defaultLocale.getVariant())),
+                    defaultLocale.getVariant()),
             null);
     }
 

jdk/src/java.base/share/classes/java/util/PropertyResourceBundle.java

@@ -43,7 +43,6 @@ import java.io.InputStream;
 import java.io.InputStreamReader;
 import java.io.Reader;
 import java.io.IOException;
-import java.nio.charset.Charset;
 import java.nio.charset.MalformedInputException;
 import java.nio.charset.StandardCharsets;
 import java.nio.charset.UnmappableCharacterException;
@@ -142,8 +141,8 @@ public class PropertyResourceBundle extends ResourceBundle {
     // Check whether the strict encoding is specified.
     // The possible encoding is either "ISO-8859-1" or "UTF-8".
     private static final String encoding =
-        AccessController.doPrivileged(
+        GetPropertyAction
-            new GetPropertyAction("java.util.PropertyResourceBundle.encoding", ""))
+                .getProperty("java.util.PropertyResourceBundle.encoding", "")
         .toUpperCase(Locale.ROOT);
 
     /**

jdk/src/java.base/share/classes/java/util/TimeZone.java

@@ -660,14 +660,12 @@ public abstract class TimeZone implements Serializable, Cloneable {
     private static synchronized TimeZone setDefaultZone() {
         TimeZone tz;
         // get the time zone ID from the system properties
-        String zoneID = AccessController.doPrivileged(
+        String zoneID = GetPropertyAction.getProperty("user.timezone");
-                new GetPropertyAction("user.timezone"));
 
         // if the time zone ID is not set (yet), perform the
         // platform to Java time zone ID mapping.
         if (zoneID == null || zoneID.isEmpty()) {
-            String javaHome = AccessController.doPrivileged(
+            String javaHome = GetPropertyAction.getProperty("java.home");
-                    new GetPropertyAction("java.home"));
             try {
                 zoneID = getSystemTimeZoneID(javaHome);
                 if (zoneID == null) {

jdk/src/java.base/share/classes/java/util/jar/JarFile.java

@@ -34,7 +34,6 @@ import java.util.stream.StreamSupport;
 import java.util.zip.*;
 import java.security.CodeSigner;
 import java.security.cert.Certificate;
-import java.security.AccessController;
 import java.security.CodeSource;
 import jdk.internal.misc.SharedSecrets;
 import sun.security.action.GetPropertyAction;
@@ -155,16 +154,16 @@ class JarFile extends ZipFile {
 
         BASE_VERSION = 8;  // one less than lowest version for versioned entries
         int runtimeVersion = jdk.Version.current().major();
-        String jarVersion = AccessController.doPrivileged(
+        String jarVersion =
-                new GetPropertyAction("jdk.util.jar.version"));
+                GetPropertyAction.getProperty("jdk.util.jar.version");
         if (jarVersion != null) {
             int jarVer = Integer.parseInt(jarVersion);
             runtimeVersion = (jarVer > runtimeVersion)
                     ? runtimeVersion : Math.max(jarVer, 0);
         }
         RUNTIME_VERSION = runtimeVersion;
-        String enableMultiRelease = AccessController.doPrivileged(
+        String enableMultiRelease = GetPropertyAction
-                new GetPropertyAction("jdk.util.jar.enableMultiRelease", "true"));
+                .getProperty("jdk.util.jar.enableMultiRelease", "true");
         switch (enableMultiRelease) {
             case "true":
             default:

jdk/src/java.base/share/classes/java/util/jar/Pack200.java

@@ -29,6 +29,7 @@ import java.io.InputStream;
 import java.io.OutputStream;
 import java.io.File;
 import java.io.IOException;
+import sun.security.action.GetPropertyAction;
 
 
 /**
@@ -694,8 +695,7 @@ public abstract class Pack200 {
             Class<?> impl = (PACK_PROVIDER.equals(prop))? packerImpl: unpackerImpl;
             if (impl == null) {
                 // The first time, we must decide which class to use.
-                implName = java.security.AccessController.doPrivileged(
+                implName = GetPropertyAction.getProperty(prop,"");
-                    new sun.security.action.GetPropertyAction(prop,""));
                 if (implName != null && !implName.equals(""))
                     impl = Class.forName(implName);
                 else if (PACK_PROVIDER.equals(prop))

jdk/src/java.base/share/classes/java/util/regex/PatternSyntaxException.java

@@ -94,8 +94,7 @@ public class PatternSyntaxException
     }
 
     private static final String nl =
-        java.security.AccessController
+            GetPropertyAction.getProperty("line.separator");
-            .doPrivileged(new GetPropertyAction("line.separator"));
 
     /**
      * Returns a multi-line string containing the description of the syntax

jdk/src/java.base/share/classes/java/util/zip/ZipOutputStream.java

@@ -33,6 +33,7 @@ import java.util.Vector;
 import java.util.HashSet;
 import static java.util.zip.ZipConstants64.*;
 import static java.util.zip.ZipUtils.*;
+import sun.security.action.GetPropertyAction;
 
 /**
  * This class implements an output stream filter for writing files in the
@@ -54,9 +55,7 @@ class ZipOutputStream extends DeflaterOutputStream implements ZipConstants {
      */
     private static final boolean inhibitZip64 =
         Boolean.parseBoolean(
-            java.security.AccessController.doPrivileged(
+            GetPropertyAction.getProperty("jdk.util.zip.inhibitZip64"));
-                new sun.security.action.GetPropertyAction(
-                    "jdk.util.zip.inhibitZip64", "false")));
 
     private static class XEntry {
         final ZipEntry entry;

jdk/src/java.base/share/classes/javax/net/ssl/SSLSocketFactory.java

@@ -51,9 +51,9 @@ public abstract class SSLSocketFactory extends SocketFactory
     static final boolean DEBUG;
 
     static {
-        String s = java.security.AccessController.doPrivileged(
+        String s = GetPropertyAction.getProperty("javax.net.debug", "")
-            new GetPropertyAction("javax.net.debug", "")).toLowerCase(
+                .toLowerCase(Locale.ENGLISH);
-                                                            Locale.ENGLISH);
+
         DEBUG = s.contains("all") || s.contains("ssl");
     }
 

jdk/src/java.base/share/classes/jdk/Version.java

@@ -26,8 +26,6 @@
 package jdk;
 
 import java.math.BigInteger;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
 import java.util.ArrayList;
 import java.util.regex.Matcher;
 import java.util.regex.Pattern;
@@ -35,6 +33,7 @@ import java.util.stream.Collectors;
 import java.util.Collections;
 import java.util.List;
 import java.util.Optional;
+import sun.security.action.GetPropertyAction;
 
 /**
  * A representation of the JDK version-string which contains a version
@@ -274,12 +273,7 @@ public final class Version
      */
     public static Version current() {
         if (current == null) {
-            current = parse(AccessController.doPrivileged(
+            current = parse(GetPropertyAction.getProperty("java.version"));
-                new PrivilegedAction<>() {
-                    public String run() {
-                        return System.getProperty("java.version");
-                    }
-                }));
         }
         return current;
     }

jdk/src/java.base/share/classes/jdk/internal/loader/URLClassPath.java

@@ -52,6 +52,7 @@ import java.util.HashSet;
 import java.util.LinkedList;
 import java.util.List;
 import java.util.NoSuchElementException;
+import java.util.Properties;
 import java.util.Set;
 import java.util.Stack;
 import java.util.StringTokenizer;
@@ -69,6 +70,7 @@ import jdk.internal.util.jar.InvalidJarIndexError;
 import jdk.internal.util.jar.JarIndex;
 import sun.net.util.URLUtil;
 import sun.net.www.ParseUtil;
+import sun.security.action.GetPropertyAction;
 
 /**
  * This class is used to maintain a search path of URLs for loading classes
@@ -78,20 +80,15 @@ import sun.net.www.ParseUtil;
  */
 public class URLClassPath {
     private static final String USER_AGENT_JAVA_VERSION = "UA-Java-Version";
-    private static final String JAVA_HOME;
     private static final String JAVA_VERSION;
     private static final boolean DEBUG;
     private static final boolean DISABLE_JAR_CHECKING;
 
     static {
-        JAVA_HOME = java.security.AccessController.doPrivileged(
+        Properties props = GetPropertyAction.getProperties();
-            new sun.security.action.GetPropertyAction("java.home"));
+        JAVA_VERSION = props.getProperty("java.version");
-        JAVA_VERSION = java.security.AccessController.doPrivileged(
+        DEBUG = (props.getProperty("sun.misc.URLClassPath.debug") != null);
-            new sun.security.action.GetPropertyAction("java.version"));
+        String p = props.getProperty("sun.misc.URLClassPath.disableJarChecking");
-        DEBUG        = (java.security.AccessController.doPrivileged(
-            new sun.security.action.GetPropertyAction("sun.misc.URLClassPath.debug")) != null);
-        String p = java.security.AccessController.doPrivileged(
-            new sun.security.action.GetPropertyAction("sun.misc.URLClassPath.disableJarChecking"));
         DISABLE_JAR_CHECKING = p != null ? p.equals("true") || p.equals("") : false;
     }
 

jdk/src/java.base/share/classes/jdk/internal/logger/LoggerFinderLoader.java

@@ -33,6 +33,7 @@ import java.util.Locale;
 import java.util.ServiceConfigurationError;
 import java.util.ServiceLoader;
 import sun.security.util.SecurityConstants;
+import sun.security.action.GetPropertyAction;
 
 /**
  * Helper class used to load the {@link java.lang.System.LoggerFinder}.
@@ -79,9 +80,8 @@ public final class LoggerFinderLoader {
 
     // Get configuration error policy
     private static ErrorPolicy configurationErrorPolicy() {
-        final PrivilegedAction<String> getConfigurationErrorPolicy =
+        String errorPolicy =
-                () -> System.getProperty("jdk.logger.finder.error");
+                GetPropertyAction.getProperty("jdk.logger.finder.error");
-        String errorPolicy = AccessController.doPrivileged(getConfigurationErrorPolicy);
         if (errorPolicy == null || errorPolicy.isEmpty()) {
             return ErrorPolicy.WARNING;
         }
@@ -95,9 +95,8 @@ public final class LoggerFinderLoader {
     // Whether multiple provider should be considered as an error.
     // This is further submitted to the configuration error policy.
     private static boolean ensureSingletonProvider() {
-        final PrivilegedAction<Boolean> ensureSingletonProvider =
+        return Boolean.parseBoolean(
-                () -> Boolean.getBoolean("jdk.logger.finder.singleton");
+                GetPropertyAction.getProperty("jdk.logger.finder.singleton"));
-        return AccessController.doPrivileged(ensureSingletonProvider);
     }
 
     private static Iterator<System.LoggerFinder> findLoggerFinderProviders() {

jdk/src/java.base/share/classes/jdk/internal/logger/SimpleConsoleLogger.java

@@ -55,8 +55,8 @@ public class SimpleConsoleLogger extends LoggerConfiguration
             PlatformLogger.toPlatformLevel(DEFAULT_LEVEL);
 
     static Level getDefaultLevel() {
-        String levelName = AccessController.doPrivileged(
+        String levelName = GetPropertyAction
-                new GetPropertyAction("jdk.system.logger.level", "INFO"));
+                .getProperty("jdk.system.logger.level", "INFO");
         try {
             return Level.valueOf(levelName);
         } catch (IllegalArgumentException iae) {
@@ -425,8 +425,8 @@ public class SimpleConsoleLogger extends LoggerConfiguration
         // Make it easier to wrap Logger...
         static private final String[] skips;
         static {
-            String additionalPkgs = AccessController.doPrivileged(
+            String additionalPkgs =
-                new GetPropertyAction("jdk.logger.packages"));
+                    GetPropertyAction.getProperty("jdk.logger.packages");
             skips = additionalPkgs == null ? new String[0] : additionalPkgs.split(",");
         }
 
@@ -485,7 +485,7 @@ public class SimpleConsoleLogger extends LoggerConfiguration
             //    jdk/test/java/lang/invoke/lambda/LogGeneratedClassesTest.java
             // to fail - because that test has a testcase which somehow references
             // PlatformLogger and counts the number of generated lambda classes.
-            String format = AccessController.doPrivileged(new GetPropertyAction(key));
+            String format = GetPropertyAction.getProperty(key);
 
             if (format == null && defaultPropertyGetter != null) {
                 format = defaultPropertyGetter.apply(key);

jdk/src/java.base/share/classes/jdk/internal/reflect/Reflection.java

@@ -27,13 +27,12 @@ package jdk.internal.reflect;
 
 
 import java.lang.reflect.*;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
 import java.util.HashMap;
 import java.util.Map;
 import java.util.Objects;
 import jdk.internal.HotSpotIntrinsicCandidate;
 import jdk.internal.misc.VM;
+import sun.security.action.GetPropertyAction;
 
 /** Common utility routines used by both java.lang and
     java.lang.reflect */
@@ -344,15 +343,10 @@ public class Reflection {
 
     private static void printStackTraceIfNeeded(Throwable e) {
         if (!printStackWhenAccessFailsSet && VM.initLevel() >= 1) {
-            // can't use method reference here, might be too early in startup
+            String s = GetPropertyAction
-            PrivilegedAction<Boolean> pa = new PrivilegedAction<Boolean>() {
+                    .getProperty("sun.reflect.debugModuleAccessChecks");
-                public Boolean run() {
+            printStackWhenAccessFails =
-                    String s;
+                    (s != null && !s.equalsIgnoreCase("false"));
-                    s = System.getProperty("sun.reflect.debugModuleAccessChecks");
-                    return (s != null && !s.equalsIgnoreCase("false"));
-                }
-            };
-            printStackWhenAccessFails = AccessController.doPrivileged(pa);
             printStackWhenAccessFailsSet = true;
         }
         if (printStackWhenAccessFails) {

jdk/src/java.base/share/classes/jdk/internal/reflect/ReflectionFactory.java

@@ -30,10 +30,11 @@ import java.lang.reflect.Executable;
 import java.lang.reflect.Method;
 import java.lang.reflect.Constructor;
 import java.lang.reflect.Modifier;
-import java.security.AccessController;
 import java.security.Permission;
 import java.security.PrivilegedAction;
+import java.util.Properties;
 import sun.reflect.misc.ReflectUtil;
+import sun.security.action.GetPropertyAction;
 
 /** <P> The master factory for all reflective objects, both those in
     java.lang.reflect (Fields, Methods, Constructors) as well as their
@@ -382,9 +383,7 @@ public class ReflectionFactory {
         run, before the system properties are set up. */
     private static void checkInitted() {
         if (initted) return;
-        AccessController.doPrivileged(
+
-            new PrivilegedAction<>() {
-                public Void run() {
         // Tests to ensure the system properties table is fully
         // initialized. This is needed because reflection code is
         // called very early in the initialization process (before
@@ -396,15 +395,16 @@ public class ReflectionFactory {
 
         if (System.out == null) {
             // java.lang.System not yet fully initialized
-                        return null;
+            return;
         }
 
-                    String val = System.getProperty("sun.reflect.noInflation");
+        Properties props = GetPropertyAction.getProperties();
+        String val = props.getProperty("sun.reflect.noInflation");
         if (val != null && val.equals("true")) {
             noInflation = true;
         }
 
-                    val = System.getProperty("sun.reflect.inflationThreshold");
+        val = props.getProperty("sun.reflect.inflationThreshold");
         if (val != null) {
             try {
                 inflationThreshold = Integer.parseInt(val);
@@ -414,9 +414,6 @@ public class ReflectionFactory {
         }
 
         initted = true;
-                    return null;
-                }
-            });
     }
 
     private static LangReflectAccess langReflectAccess() {

jdk/src/java.base/share/classes/sun/net/ResourceManager.java

@@ -53,9 +53,8 @@ public class ResourceManager {
     private static final AtomicInteger numSockets;
 
     static {
-        String prop = java.security.AccessController.doPrivileged(
+        String prop =
-            new GetPropertyAction("sun.net.maxDatagramSockets")
+                GetPropertyAction.getProperty("sun.net.maxDatagramSockets");
-        );
         int defmax = DEFAULT_MAX_SOCKETS;
         try {
             if (prop != null) {

jdk/src/java.base/share/classes/sun/net/sdp/SdpSupport.java

@@ -31,6 +31,7 @@ import java.security.AccessController;
 
 import jdk.internal.misc.SharedSecrets;
 import jdk.internal.misc.JavaIOFileDescriptorAccess;
+import sun.security.action.GetPropertyAction;
 
 
 /**
@@ -39,8 +40,7 @@ import jdk.internal.misc.JavaIOFileDescriptorAccess;
  */
 
 public final class SdpSupport {
-    private static final String os = AccessController
+    private static final String os = GetPropertyAction.getProperty("os.name");
-        .doPrivileged(new sun.security.action.GetPropertyAction("os.name"));
     private static final boolean isSupported = (os.equals("SunOS") || (os.equals("Linux")));
     private static final JavaIOFileDescriptorAccess fdAccess =
         SharedSecrets.getJavaIOFileDescriptorAccess();

jdk/src/java.base/share/classes/sun/net/smtp/SmtpClient.java

@@ -25,10 +25,10 @@
 
 package sun.net.smtp;
 
-import java.util.StringTokenizer;
 import java.io.*;
 import java.net.*;
 import sun.net.TransferProtocolClient;
+import sun.security.action.GetPropertyAction;
 
 /**
  * This class implements the SMTP client.
@@ -157,8 +157,7 @@ public class SmtpClient extends TransferProtocolClient {
         }
         try {
             String s;
-            mailhost = java.security.AccessController.doPrivileged(
+            mailhost = GetPropertyAction.getProperty("mail.host");
-                    new sun.security.action.GetPropertyAction("mail.host"));
             if (mailhost != null) {
                 openServer(mailhost);
                 return;
@@ -184,8 +183,7 @@ public class SmtpClient extends TransferProtocolClient {
         setConnectTimeout(to);
         try {
             String s;
-            mailhost = java.security.AccessController.doPrivileged(
+            mailhost = GetPropertyAction.getProperty("mail.host");
-                    new sun.security.action.GetPropertyAction("mail.host"));
             if (mailhost != null) {
                 openServer(mailhost);
                 return;

jdk/src/java.base/share/classes/sun/net/www/MimeLauncher.java

@@ -27,6 +27,7 @@ package sun.net.www;
 import java.net.URL;
 import java.io.*;
 import java.util.StringTokenizer;
+import sun.security.action.GetPropertyAction;
 
 class MimeLauncher extends Thread {
     java.net.URLConnection uc;
@@ -182,8 +183,7 @@ class MimeLauncher extends Thread {
         }
 
         String execPathList;
-        execPathList = java.security.AccessController.doPrivileged(
+        execPathList = GetPropertyAction.getProperty("exec.path");
-                new sun.security.action.GetPropertyAction("exec.path"));
         if (execPathList == null) {
             // exec.path property not set
             return false;

jdk/src/java.base/share/classes/sun/net/www/http/HttpClient.java

@@ -28,6 +28,7 @@ package sun.net.www.http;
 import java.io.*;
 import java.net.*;
 import java.util.Locale;
+import java.util.Properties;
 import sun.net.NetworkClient;
 import sun.net.ProgressSource;
 import sun.net.www.MessageHeader;
@@ -37,6 +38,7 @@ import sun.net.www.ParseUtil;
 import sun.net.www.protocol.http.HttpURLConnection;
 import sun.util.logging.PlatformLogger;
 import static sun.net.www.protocol.http.HttpURLConnection.TunnelState.*;
+import sun.security.action.GetPropertyAction;
 
 /**
  * @author Herb Jellinek
@@ -143,20 +145,18 @@ public class HttpClient extends NetworkClient {
     }
 
     static {
-        String keepAlive = java.security.AccessController.doPrivileged(
+        Properties props = GetPropertyAction.getProperties();
-            new sun.security.action.GetPropertyAction("http.keepAlive"));
+        String keepAlive = props.getProperty("http.keepAlive");
-
+        String retryPost = props.getProperty("sun.net.http.retryPost");
-        String retryPost = java.security.AccessController.doPrivileged(
-            new sun.security.action.GetPropertyAction("sun.net.http.retryPost"));
 
         if (keepAlive != null) {
-            keepAliveProp = Boolean.valueOf(keepAlive).booleanValue();
+            keepAliveProp = Boolean.parseBoolean(keepAlive);
         } else {
             keepAliveProp = true;
         }
 
         if (retryPost != null) {
-            retryPostProp = Boolean.valueOf(retryPost).booleanValue();
+            retryPostProp = Boolean.parseBoolean(retryPost);
         } else
             retryPostProp = true;
 

jdk/src/java.base/share/classes/sun/net/www/protocol/ftp/FtpURLConnection.java

@@ -46,6 +46,7 @@ import java.net.ProxySelector;
 import java.util.StringTokenizer;
 import java.util.Iterator;
 import java.security.Permission;
+import java.util.Properties;
 import sun.net.NetworkClient;
 import sun.net.www.MessageHeader;
 import sun.net.www.MeteredStream;
@@ -277,11 +278,10 @@ public class FtpURLConnection extends URLConnection {
 
         if (user == null) {
             user = "anonymous";
-            String vers = java.security.AccessController.doPrivileged(
+            Properties props = GetPropertyAction.getProperties();
-                    new GetPropertyAction("java.version"));
+            String vers = props.getProperty("java.version");
-            password = java.security.AccessController.doPrivileged(
+            password = props.getProperty("ftp.protocol.user",
-                    new GetPropertyAction("ftp.protocol.user",
+                    "Java" + vers + "@");
-                                          "Java" + vers + "@"));
         }
         try {
             ftp = FtpClient.create();

jdk/src/java.base/share/classes/sun/net/www/protocol/http/AuthenticationHeader.java

@@ -25,9 +25,10 @@
 
 package sun.net.www.protocol.http;
 
-import sun.net.www.*;
 import java.util.Iterator;
 import java.util.HashMap;
+import sun.net.www.*;
+import sun.security.action.GetPropertyAction;
 
 /**
  * This class is used to parse the information in WWW-Authenticate: and Proxy-Authenticate:
@@ -93,8 +94,7 @@ public class AuthenticationHeader {
     }
 
     static {
-        authPref = java.security.AccessController.doPrivileged(
+        authPref = GetPropertyAction.getProperty("http.auth.preference");
-            new sun.security.action.GetPropertyAction("http.auth.preference"));
 
         // http.auth.preference can be set to SPNEGO or Kerberos.
         // In fact they means "Negotiate with SPNEGO" and "Negotiate with

jdk/src/java.base/share/classes/sun/net/www/protocol/http/HttpURLConnection.java

@@ -52,7 +52,6 @@ import java.security.AccessController;
 import java.security.PrivilegedExceptionAction;
 import java.security.PrivilegedActionException;
 import java.io.*;
-import java.net.*;
 import java.util.ArrayList;
 import java.util.Collections;
 import java.util.Date;
@@ -78,12 +77,15 @@ import java.text.SimpleDateFormat;
 import java.util.TimeZone;
 import java.net.MalformedURLException;
 import java.nio.ByteBuffer;
+import java.util.Properties;
 import static sun.net.www.protocol.http.AuthScheme.BASIC;
 import static sun.net.www.protocol.http.AuthScheme.DIGEST;
 import static sun.net.www.protocol.http.AuthScheme.NTLM;
 import static sun.net.www.protocol.http.AuthScheme.NEGOTIATE;
 import static sun.net.www.protocol.http.AuthScheme.KERBEROS;
 import static sun.net.www.protocol.http.AuthScheme.UNKNOWN;
+import sun.security.action.GetIntegerAction;
+import sun.security.action.GetPropertyAction;
 
 /**
  * A class to represent an HTTP connection to a remote object.
@@ -205,46 +207,38 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
     };
 
     static {
-        maxRedirects = java.security.AccessController.doPrivileged(
+        Properties props = GetPropertyAction.getProperties();
-            new sun.security.action.GetIntegerAction(
+        maxRedirects = GetIntegerAction.getProperty("http.maxRedirects",
-                "http.maxRedirects", defaultmaxRedirects)).intValue();
+                        defaultmaxRedirects);
-        version = java.security.AccessController.doPrivileged(
+        version = props.getProperty("java.version");
-                    new sun.security.action.GetPropertyAction("java.version"));
+        String agent = props.getProperty("http.agent");
-        String agent = java.security.AccessController.doPrivileged(
-                    new sun.security.action.GetPropertyAction("http.agent"));
         if (agent == null) {
             agent = "Java/"+version;
         } else {
             agent = agent + " Java/"+version;
         }
         userAgent = agent;
-        validateProxy = java.security.AccessController.doPrivileged(
+        validateProxy = Boolean.parseBoolean(
-                new sun.security.action.GetBooleanAction(
+                props.getProperty("http.auth.digest.validateProxy"));
-                    "http.auth.digest.validateProxy")).booleanValue();
+        validateServer = Boolean.parseBoolean(
-        validateServer = java.security.AccessController.doPrivileged(
+                props.getProperty("http.auth.digest.validateServer"));
-                new sun.security.action.GetBooleanAction(
-                    "http.auth.digest.validateServer")).booleanValue();
 
-        enableESBuffer = java.security.AccessController.doPrivileged(
+        enableESBuffer = Boolean.parseBoolean(
-                new sun.security.action.GetBooleanAction(
+                props.getProperty("sun.net.http.errorstream.enableBuffering"));
-                    "sun.net.http.errorstream.enableBuffering")).booleanValue();
+        timeout4ESBuffer = GetIntegerAction
-        timeout4ESBuffer = java.security.AccessController.doPrivileged(
+                .getProperty("sun.net.http.errorstream.timeout", 300);
-                new sun.security.action.GetIntegerAction(
-                    "sun.net.http.errorstream.timeout", 300)).intValue();
         if (timeout4ESBuffer <= 0) {
             timeout4ESBuffer = 300; // use the default
         }
 
-        bufSize4ES = java.security.AccessController.doPrivileged(
+        bufSize4ES = GetIntegerAction
-                new sun.security.action.GetIntegerAction(
+                .getProperty("sun.net.http.errorstream.bufferSize", 4096);
-                    "sun.net.http.errorstream.bufferSize", 4096)).intValue();
         if (bufSize4ES <= 0) {
             bufSize4ES = 4096; // use the default
         }
 
-        allowRestrictedHeaders = java.security.AccessController.doPrivileged(
+        allowRestrictedHeaders = Boolean.parseBoolean(
-                new sun.security.action.GetBooleanAction(
+                props.getProperty("sun.net.http.allowRestrictedHeaders"));
-                    "sun.net.http.allowRestrictedHeaders")).booleanValue();
         if (!allowRestrictedHeaders) {
             restrictedHeaderSet = new HashSet<>(restrictedHeaders.length);
             for (int i=0; i < restrictedHeaders.length; i++) {

jdk/src/java.base/share/classes/sun/net/www/protocol/https/HttpsClient.java

@@ -41,7 +41,6 @@ import java.security.Principal;
 import java.security.cert.*;
 import java.util.StringTokenizer;
 import java.util.Vector;
-import java.security.AccessController;
 
 import javax.security.auth.x500.X500Principal;
 
@@ -139,8 +138,8 @@ final class HttpsClient extends HttpClient
         // If ciphers are assigned, sort them into an array.
         //
         String ciphers [];
-        String cipherString = AccessController.doPrivileged(
+        String cipherString =
-                new GetPropertyAction("https.cipherSuites"));
+                GetPropertyAction.getProperty("https.cipherSuites");
 
         if (cipherString == null || "".equals(cipherString)) {
             ciphers = null;
@@ -163,8 +162,8 @@ final class HttpsClient extends HttpClient
         // If protocols are assigned, sort them into an array.
         //
         String protocols [];
-        String protocolString = AccessController.doPrivileged(
+        String protocolString =
-                new GetPropertyAction("https.protocols"));
+                GetPropertyAction.getProperty("https.protocols");
 
         if (protocolString == null || "".equals(protocolString)) {
             protocols = null;
@@ -184,8 +183,7 @@ final class HttpsClient extends HttpClient
     }
 
     private String getUserAgent() {
-        String userAgent = java.security.AccessController.doPrivileged(
+        String userAgent = GetPropertyAction.getProperty("https.agent");
-                new sun.security.action.GetPropertyAction("https.agent"));
         if (userAgent == null || userAgent.length() == 0) {
             userAgent = "JSSE";
         }

jdk/src/java.base/share/classes/sun/net/www/protocol/jrt/JavaRuntimeURLConnection.java

@@ -32,10 +32,7 @@ import java.io.IOException;
 import java.io.InputStream;
 import java.net.MalformedURLException;
 import java.net.URL;
-import java.security.AccessController;
 import java.security.Permission;
-import java.security.PrivilegedAction;
-import java.util.List;
 
 import jdk.internal.jimage.ImageLocation;
 import jdk.internal.jimage.ImageReader;
@@ -45,6 +42,7 @@ import jdk.internal.loader.URLClassPath;
 import jdk.internal.loader.Resource;
 import sun.net.www.ParseUtil;
 import sun.net.www.URLConnection;
+import sun.security.action.GetPropertyAction;
 
 /**
  * URLConnection implementation that can be used to connect to resources
@@ -163,11 +161,7 @@ public class JavaRuntimeURLConnection extends URLConnection {
     public Permission getPermission() throws IOException {
         Permission p = permission;
         if (p == null) {
-            // using lambda expression here leads to recursive initialization
+            String home = GetPropertyAction.getProperty("java.home");
-            PrivilegedAction<String> pa = new PrivilegedAction<String>() {
-                public String run() { return System.getProperty("java.home"); }
-            };
-            String home = AccessController.doPrivileged(pa);
             p = new FilePermission(home + File.separator + "-", "read");
             permission = p;
         }

jdk/src/java.base/share/classes/sun/net/www/protocol/netdoc/Handler.java

@@ -40,6 +40,7 @@ import java.net.MalformedURLException;
 import java.net.URLStreamHandler;
 import java.io.InputStream;
 import java.io.IOException;
+import sun.security.action.GetPropertyAction;
 
 public class Handler extends URLStreamHandler {
     static URL base;
@@ -54,12 +55,10 @@ public class Handler extends URLStreamHandler {
         URLConnection uc = null;
         URL ru;
 
-        Boolean tmp = java.security.AccessController.doPrivileged(
+        boolean localonly = Boolean.parseBoolean(
-            new sun.security.action.GetBooleanAction("newdoc.localonly"));
+                GetPropertyAction.getProperty("newdoc.localonly"));
-        boolean localonly = tmp.booleanValue();
 
-        String docurl = java.security.AccessController.doPrivileged(
+        String docurl = GetPropertyAction.getProperty("doc.url");
-            new sun.security.action.GetPropertyAction("doc.url"));
 
         String file = u.getFile();
         if (!localonly) {

jdk/src/java.base/share/classes/sun/nio/ch/FileChannelImpl.java

@@ -1019,9 +1019,8 @@ public class FileChannelImpl
         if (!propertyChecked) {
             synchronized (FileChannelImpl.class) {
                 if (!propertyChecked) {
-                    String value = AccessController.doPrivileged(
+                    String value = GetPropertyAction.getProperty(
-                        new GetPropertyAction(
+                            "sun.nio.ch.disableSystemWideOverlappingFileLockCheck");
-                            "sun.nio.ch.disableSystemWideOverlappingFileLockCheck"));
                     isSharedFileLockTable = ((value == null) || value.equals("false"));
                     propertyChecked = true;
                 }

jdk/src/java.base/share/classes/sun/nio/ch/Net.java

@@ -33,6 +33,7 @@ import java.util.*;
 import java.security.AccessController;
 import java.security.PrivilegedAction;
 import sun.net.ExtendedOptionsImpl;
+import sun.security.action.GetPropertyAction;
 
 
 public class Net {
@@ -382,13 +383,8 @@ public class Net {
     }
 
     public static boolean isFastTcpLoopbackRequested() {
-        String loopbackProp = java.security.AccessController.doPrivileged(
+        String loopbackProp =
-            new PrivilegedAction<String>() {
+                GetPropertyAction.getProperty("jdk.net.useFastTcpLoopback");
-                @Override
-                public String run() {
-                    return System.getProperty("jdk.net.useFastTcpLoopback");
-                }
-            });
         boolean enable;
         if ("".equals(loopbackProp)) {
             enable = true;
@@ -647,16 +643,9 @@ public class Net {
         int availLevel = isExclusiveBindAvailable();
         if (availLevel >= 0) {
             String exclBindProp =
-                java.security.AccessController.doPrivileged(
+                    GetPropertyAction.getProperty("sun.net.useExclusiveBind");
-                    new PrivilegedAction<String>() {
-                        @Override
-                        public String run() {
-                            return System.getProperty(
-                                    "sun.net.useExclusiveBind");
-                        }
-                    });
             if (exclBindProp != null) {
-                exclusiveBind = exclBindProp.length() == 0 ?
+                exclusiveBind = exclBindProp.isEmpty() ?
                         true : Boolean.parseBoolean(exclBindProp);
             } else if (availLevel == 1) {
                 exclusiveBind = true;

jdk/src/java.base/share/classes/sun/nio/ch/Util.java

@@ -64,13 +64,7 @@ public class Util {
      * for potential future-proofing.
      */
     private static long getMaxCachedBufferSize() {
-        String s = java.security.AccessController.doPrivileged(
+        String s = GetPropertyAction.getProperty("jdk.nio.maxCachedBufferSize");
-            new PrivilegedAction<String>() {
-                @Override
-                public String run() {
-                    return System.getProperty("jdk.nio.maxCachedBufferSize");
-                }
-            });
         if (s != null) {
             try {
                 long m = Long.parseLong(s);
@@ -471,8 +465,7 @@ public class Util {
         if (bugLevel == null) {
             if (!jdk.internal.misc.VM.isBooted())
                 return false;
-            String value = AccessController.doPrivileged(
+            String value = GetPropertyAction.getProperty("sun.nio.ch.bugLevel");
-                new GetPropertyAction("sun.nio.ch.bugLevel"));
             bugLevel = (value != null) ? value : "";
         }
         return bugLevel.equals(bl);

jdk/src/java.base/share/classes/sun/nio/cs/StandardCharsets.java.template

@@ -34,8 +34,7 @@ import java.nio.charset.spi.CharsetProvider;
 import java.util.Iterator;
 import java.util.Locale;
 import java.util.Map;
-import java.security.AccessController;
+import sun.security.action.GetPropertyAction;
-import java.security.PrivilegedAction;
 
 public class StandardCharsets extends CharsetProvider {
 
@@ -201,15 +200,7 @@ public class StandardCharsets extends CharsetProvider {
     }
 
     private static String getProperty(String key) {
-        // this method may be called during initialization of
+        return GetPropertyAction.getProperty(key);
-        // system class loader and thus not using lambda
-        return AccessController.doPrivileged(
-            new PrivilegedAction<String>() {
-                @Override
-                public String run() {
-                    return System.getProperty(key);
-                }
-            });
     }
 
 

jdk/src/java.base/share/classes/sun/nio/fs/Util.java

@@ -28,8 +28,7 @@ package sun.nio.fs;
 import java.util.*;
 import java.nio.file.*;
 import java.nio.charset.Charset;
-import java.security.*;
+import sun.security.action.GetPropertyAction;
-import sun.security.action.*;
 
 /**
  * Utility methods
@@ -39,7 +38,7 @@ class Util {
     private Util() { }
 
     private static final Charset jnuEncoding = Charset.forName(
-        AccessController.doPrivileged(new GetPropertyAction("sun.jnu.encoding")));
+        GetPropertyAction.getProperty("sun.jnu.encoding"));
 
     /**
      * Returns {@code Charset} corresponding to the sun.jnu.encoding property

jdk/src/java.base/share/classes/sun/security/action/GetIntegerAction.java

@@ -25,6 +25,8 @@
 
 package sun.security.action;
 
+import java.security.AccessController;
+
 /**
  * A convenience class for retrieving the integer value of a system property
  * as a privileged action.
@@ -67,7 +69,7 @@ public class GetIntegerAction
         implements java.security.PrivilegedAction<Integer> {
     private String theProp;
     private int defaultVal;
-    private boolean defaultSet = false;
+    private boolean defaultSet;
 
     /**
      * Constructor that takes the name of the system property whose integer
@@ -110,4 +112,39 @@ public class GetIntegerAction
             return defaultVal;
         return value;
     }
+
+    /**
+     * Convenience method to get a property without going through doPrivileged
+     * if no security manager is present. This is unsafe for inclusion in a
+     * public API but allowable here since this class is now encapsulated.
+     *
+     * @param theProp the name of the system property.
+     */
+    public static Integer getProperty(String theProp) {
+        if (System.getSecurityManager() == null) {
+            return Integer.getInteger(theProp);
+        } else {
+            return AccessController.doPrivileged(
+                    new GetIntegerAction(theProp));
+        }
+    }
+
+    /**
+     * Convenience method to get a property without going through doPrivileged
+     * if no security manager is present. This is unsafe for inclusion in a
+     * public API but allowable here since this class is now encapsulated.
+     *
+     * @param theProp the name of the system property.
+     * @param defaultVal the default value.
+     */
+    public static Integer getProperty(String theProp, int defaultVal) {
+        Integer value;
+        if (System.getSecurityManager() == null) {
+            value = Integer.getInteger(theProp);
+        } else {
+            value = AccessController.doPrivileged(
+                    new GetIntegerAction(theProp));
+        }
+        return (value != null) ? value : defaultVal;
+    }
 }

jdk/src/java.base/share/classes/sun/security/action/GetPropertyAction.java

@@ -25,6 +25,10 @@
 
 package sun.security.action;
 
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+import java.util.Properties;
+
 /**
  * A convenience class for retrieving the string value of a system
  * property as a privileged action.
@@ -46,8 +50,7 @@ package sun.security.action;
  * @since 1.2
  */
 
-public class GetPropertyAction
+public class GetPropertyAction implements PrivilegedAction<String> {
-        implements java.security.PrivilegedAction<String> {
     private String theProp;
     private String defaultVal;
 
@@ -84,4 +87,57 @@ public class GetPropertyAction
         String value = System.getProperty(theProp);
         return (value == null) ? defaultVal : value;
     }
+
+    /**
+     * Convenience method to get a property without going through doPrivileged
+     * if no security manager is present. This is unsafe for inclusion in a
+     * public API but allowable here since this class is now encapsulated.
+     *
+     * @param theProp the name of the system property.
+     */
+    public static String getProperty(String theProp) {
+        if (System.getSecurityManager() == null) {
+            return System.getProperty(theProp);
+        } else {
+            return AccessController.doPrivileged(
+                    new GetPropertyAction(theProp));
+        }
+    }
+
+    /**
+     * Convenience method to get a property without going through doPrivileged
+     * if no security manager is present. This is unsafe for inclusion in a
+     * public API but allowable here since this class is now encapsulated.
+     *
+     * @param theProp the name of the system property.
+     * @param defaultVal the default value.
+     */
+    public static String getProperty(String theProp, String defaultVal) {
+        if (System.getSecurityManager() == null) {
+            return System.getProperty(theProp, defaultVal);
+        } else {
+            return AccessController.doPrivileged(
+                    new GetPropertyAction(theProp, defaultVal));
+        }
+    }
+
+    /**
+     * Convenience method to call <code>System.getProperties</code> without
+     * having to go through doPrivileged if no security manager is present.
+     * This is unsafe for inclusion in a public API but allowable here since
+     * this class is now encapsulated.
+     */
+    public static Properties getProperties() {
+        if (System.getSecurityManager() == null) {
+            return System.getProperties();
+        } else {
+            return AccessController.doPrivileged(
+                    new PrivilegedAction<Properties>() {
+                        public Properties run() {
+                            return System.getProperties();
+                        }
+                    }
+            );
+        }
+    }
 }

jdk/src/java.base/share/classes/sun/security/provider/DSAKeyFactory.java

@@ -70,8 +70,7 @@ public class DSAKeyFactory extends KeyFactorySpi {
          * By default this is false.
          * This incompatibility was introduced by 4532506.
          */
-        String prop = AccessController.doPrivileged
+        String prop = GetPropertyAction.getProperty(SERIAL_PROP);
-                (new GetPropertyAction(SERIAL_PROP, null));
         SERIAL_INTEROP = "true".equalsIgnoreCase(prop);
     }
 

jdk/src/java.base/share/classes/sun/security/rsa/RSAKeyFactory.java

@@ -84,9 +84,8 @@ public final class RSAKeyFactory extends KeyFactorySpi {
     public static final int MAX_RESTRICTED_EXPLEN = 64;
 
     private static final boolean restrictExpLen =
-        "true".equalsIgnoreCase(AccessController.doPrivileged(
+        "true".equalsIgnoreCase(GetPropertyAction.getProperty(
-            new GetPropertyAction(
+                "sun.security.rsa.restrictRSAExponent", "true"));
-                "sun.security.rsa.restrictRSAExponent", "true")));
 
     // instance used for static translateKey();
     private static final RSAKeyFactory INSTANCE = new RSAKeyFactory();

jdk/src/java.base/share/classes/sun/security/ssl/ClientKeyExchangeService.java

@@ -50,10 +50,7 @@ public interface ClientKeyExchangeService {
                 providers = new HashMap<>();
 
         static {
-            final String key = "java.home";
+            String path = GetPropertyAction.getProperty("java.home");
-            String path = AccessController.doPrivileged(
-                    new GetPropertyAction(key), null,
-                    new PropertyPermission(key, "read"));
             ServiceLoader<ClientKeyExchangeService> sc =
                     AccessController.doPrivileged(
                             (PrivilegedAction<ServiceLoader<ClientKeyExchangeService>>)

jdk/src/java.base/share/classes/sun/security/ssl/Debug.java

@@ -26,7 +26,6 @@
 package sun.security.ssl;
 
 import java.io.PrintStream;
-import java.security.AccessController;
 import java.util.Locale;
 
 import sun.security.util.HexDumpEncoder;
@@ -46,8 +45,7 @@ public class Debug {
     private static String args;
 
     static {
-        args = java.security.AccessController.doPrivileged(
+        args = GetPropertyAction.getProperty("javax.net.debug", "");
-            new GetPropertyAction("javax.net.debug", ""));
         args = args.toLowerCase(Locale.ENGLISH);
         if (args.equals("help")) {
             Help();
@@ -184,8 +182,7 @@ public class Debug {
      */
     static boolean getBooleanProperty(String propName, boolean defaultValue) {
         // if set, require value of either true or false
-        String b = AccessController.doPrivileged(
+        String b = GetPropertyAction.getProperty(propName);
-                new GetPropertyAction(propName));
         if (b == null) {
             return defaultValue;
         } else if (b.equalsIgnoreCase("false")) {

jdk/src/java.base/share/classes/sun/security/ssl/SSLContextImpl.java

@@ -656,8 +656,7 @@ public abstract class SSLContextImpl extends SSLContextSpi {
         // the provider service. Instead, please handle the initialization
         // exception in the caller's constructor.
         static {
-            String property = AccessController.doPrivileged(
+            String property = GetPropertyAction.getProperty(PROPERTY_NAME);
-                    new GetPropertyAction(PROPERTY_NAME));
             if (property != null && property.length() != 0) {
                 // remove double quote marks from beginning/end of the property
                 if (property.length() > 1 && property.charAt(0) == '"' &&

jdk/src/java.base/share/classes/sun/security/ssl/ServerHandshaker.java

@@ -119,8 +119,8 @@ final class ServerHandshaker extends Handshaker {
     private long statusRespTimeout;
 
     static {
-        String property = AccessController.doPrivileged(
+        String property =
-                    new GetPropertyAction("jdk.tls.ephemeralDHKeySize"));
+                GetPropertyAction.getProperty("jdk.tls.ephemeralDHKeySize");
         if (property == null || property.length() == 0) {
             useLegacyEphemeralDHKeys = false;
             useSmartEphemeralDHKeys = false;

jdk/src/java.base/share/classes/sun/security/ssl/StatusResponseManager.java

@@ -73,8 +73,8 @@ final class StatusResponseManager {
                     DEFAULT_CACHE_LIFETIME));
         cacheLifetime = life > 0 ? life : 0;
 
-        String uriStr = AccessController.doPrivileged(
+        String uriStr =
-                new GetPropertyAction("jdk.tls.stapling.responderURI"));
+                GetPropertyAction.getProperty("jdk.tls.stapling.responderURI");
         URI tmpURI;
         try {
             tmpURI = ((uriStr != null && !uriStr.isEmpty()) ?

jdk/src/java.base/share/classes/sun/security/util/Debug.java

@@ -29,6 +29,7 @@ import java.math.BigInteger;
 import java.util.regex.Pattern;
 import java.util.regex.Matcher;
 import java.util.Locale;
+import sun.security.action.GetPropertyAction;
 
 /**
  * A utility class for debuging.
@@ -42,13 +43,10 @@ public class Debug {
     private static String args;
 
     static {
-        args = java.security.AccessController.doPrivileged
+        args = GetPropertyAction.getProperty("java.security.debug");
-                (new sun.security.action.GetPropertyAction
-                ("java.security.debug"));
 
-        String args2 = java.security.AccessController.doPrivileged
+        String args2 =
-                (new sun.security.action.GetPropertyAction
+                GetPropertyAction.getProperty("java.security.auth.debug");
-                ("java.security.auth.debug"));
 
         if (args == null) {
             args = args2;

jdk/src/java.base/share/classes/sun/util/calendar/LocalGregorianCalendar.java

@@ -27,6 +27,7 @@ package sun.util.calendar;
 
 import java.security.AccessController;
 import java.util.TimeZone;
+import sun.security.action.GetPropertyAction;
 
 /**
  *
@@ -142,8 +143,8 @@ public class LocalGregorianCalendar extends BaseCalendar {
         }
 
         // Append an era to the predefined eras if it's given by the property.
-        String prop = AccessController.doPrivileged(
+        String prop = GetPropertyAction
-                new sun.security.action.GetPropertyAction("jdk.calendar.japanese.supplemental.era"));
+                .getProperty("jdk.calendar.japanese.supplemental.era");
         if (prop != null) {
             Era era = parseEraEntry(prop);
             if (era != null) {

jdk/src/java.base/share/classes/sun/util/calendar/ZoneInfoFile.java

@@ -245,11 +245,8 @@ public final class ZoneInfoFile {
     };
 
     static {
-        String oldmapping = AccessController.doPrivileged(
+        USE_OLDMAPPING = AccessController.doPrivileged(new PrivilegedAction<Boolean>() {
-            new GetPropertyAction("sun.timezone.ids.oldmapping", "false")).toLowerCase(Locale.ROOT);
+            public Boolean run() {
-        USE_OLDMAPPING = (oldmapping.equals("yes") || oldmapping.equals("true"));
-        AccessController.doPrivileged(new PrivilegedAction<Object>() {
-            public Object run() {
                 try {
                     String libDir = System.getProperty("java.home") + File.separator + "lib";
                     try (DataInputStream dis = new DataInputStream(
@@ -260,7 +257,9 @@ public final class ZoneInfoFile {
                 } catch (Exception x) {
                     throw new Error(x);
                 }
-                return null;
+                String oldmapping = System.getProperty("sun.timezone.ids.oldmapping", "false")
+                    .toLowerCase(Locale.ROOT);
+                return (oldmapping.equals("yes") || oldmapping.equals("true"));
             }
         });
     }

jdk/src/java.base/share/classes/sun/util/locale/provider/LocaleProviderAdapter.java

@@ -25,7 +25,6 @@
 
 package sun.util.locale.provider;
 
-import java.security.AccessController;
 import java.text.spi.BreakIteratorProvider;
 import java.text.spi.CollatorProvider;
 import java.text.spi.DateFormatProvider;
@@ -47,6 +46,7 @@ import java.util.spi.CurrencyNameProvider;
 import java.util.spi.LocaleNameProvider;
 import java.util.spi.LocaleServiceProvider;
 import java.util.spi.TimeZoneNameProvider;
+import sun.security.action.GetPropertyAction;
 import sun.util.spi.CalendarProvider;
 
 /**
@@ -116,8 +116,7 @@ public abstract class LocaleProviderAdapter {
         adapterCache = new ConcurrentHashMap<>();
 
     static {
-        String order = AccessController.doPrivileged(
+        String order = GetPropertyAction.getProperty("java.locale.providers");
-                           new sun.security.action.GetPropertyAction("java.locale.providers"));
         List<Type> typeList = new ArrayList<>();
 
         // Check user specified adapter preference

jdk/src/java.base/solaris/classes/sun/nio/fs/SolarisFileSystem.java

@@ -28,7 +28,6 @@ package sun.nio.fs;
 import java.nio.file.*;
 import java.io.IOException;
 import java.util.*;
-import java.security.AccessController;
 import sun.security.action.GetPropertyAction;
 import static sun.nio.fs.SolarisNativeDispatcher.*;
 
@@ -43,8 +42,7 @@ class SolarisFileSystem extends UnixFileSystem {
         super(provider, dir);
 
         // check os.version
-        String osversion = AccessController
+        String osversion = GetPropertyAction.getProperty("os.version");
-            .doPrivileged(new GetPropertyAction("os.version"));
         String[] vers = Util.split(osversion, '.');
         assert vers.length >= 2;
         int majorVersion = Integer.parseInt(vers[0]);

jdk/src/java.base/solaris/classes/sun/nio/fs/SolarisFileSystemProvider.java

@@ -29,7 +29,6 @@ import java.nio.file.*;
 import java.nio.file.attribute.*;
 import java.nio.file.spi.FileTypeDetector;
 import java.io.IOException;
-import java.security.AccessController;
 import sun.security.action.GetPropertyAction;
 
 /**
@@ -85,8 +84,8 @@ public class SolarisFileSystemProvider extends UnixFileSystemProvider {
 
     @Override
     FileTypeDetector getFileTypeDetector() {
-        Path userMimeTypes = Paths.get(AccessController.doPrivileged(
+        Path userMimeTypes = Paths.get(
-            new GetPropertyAction("user.home")), ".mime.types");
+            GetPropertyAction.getProperty("user.home"), ".mime.types");
         Path etcMimeTypes = Paths.get("/etc/mime.types");
 
         return chain(new GioFileTypeDetector(),

jdk/src/java.base/unix/classes/java/io/UnixFileSystem.java

@@ -25,7 +25,7 @@
 
 package java.io;
 
-import java.security.AccessController;
+import java.util.Properties;
 import sun.security.action.GetPropertyAction;
 
 
@@ -36,12 +36,10 @@ class UnixFileSystem extends FileSystem {
     private final String javaHome;
 
     public UnixFileSystem() {
-        slash = AccessController.doPrivileged(
+        Properties props = GetPropertyAction.getProperties();
-            new GetPropertyAction("file.separator")).charAt(0);
+        slash = props.getProperty("file.separator").charAt(0);
-        colon = AccessController.doPrivileged(
+        colon = props.getProperty("path.separator").charAt(0);
-            new GetPropertyAction("path.separator")).charAt(0);
+        javaHome = props.getProperty("java.home");
-        javaHome = AccessController.doPrivileged(
-            new GetPropertyAction("java.home"));
     }
 
 

jdk/src/java.base/unix/classes/java/lang/ProcessImpl.java

@@ -46,8 +46,10 @@ import static java.security.AccessController.doPrivileged;
 import java.security.PrivilegedAction;
 import java.security.PrivilegedActionException;
 import java.security.PrivilegedExceptionAction;
+import java.util.Properties;
 import jdk.internal.misc.JavaIOFileDescriptorAccess;
 import jdk.internal.misc.SharedSecrets;
+import sun.security.action.GetPropertyAction;
 
 /**
  * java.lang.Process subclass in the UNIX environment.
@@ -123,11 +125,9 @@ final class ProcessImpl extends Process {
         }
 
         String helperPath() {
-            return AccessController.doPrivileged(
+            Properties props = GetPropertyAction.getProperties();
-                (PrivilegedAction<String>) () ->
+            return helperPath(props.getProperty("java.home"),
-                    helperPath(System.getProperty("java.home"),
+                              props.getProperty("os.arch"));
-                               System.getProperty("os.arch"))
-            );
         }
 
         LaunchMechanism launchMechanism() {
@@ -159,9 +159,7 @@ final class ProcessImpl extends Process {
         }
 
         static Platform get() {
-            String osName = AccessController.doPrivileged(
+            String osName = GetPropertyAction.getProperty("os.name");
-                (PrivilegedAction<String>) () -> System.getProperty("os.name")
-            );
 
             if (osName.equals("Linux")) { return LINUX; }
             if (osName.contains("OS X")) { return BSD; }

jdk/src/java.base/unix/classes/java/net/DefaultDatagramSocketImplFactory.java

@@ -24,7 +24,7 @@
  */
 package java.net;
 
-import java.security.AccessController;
+import sun.security.action.GetPropertyAction;
 
 /**
  * This class defines a factory for creating DatagramSocketImpls. It defaults
@@ -40,8 +40,7 @@ class DefaultDatagramSocketImplFactory {
     static {
         String prefix = null;
         try {
-            prefix = AccessController.doPrivileged(
+            prefix = GetPropertyAction.getProperty("impl.prefix", null);
-                new sun.security.action.GetPropertyAction("impl.prefix", null));
             if (prefix != null)
                 prefixImplClass = Class.forName("java.net."+prefix+"DatagramSocketImpl");
         } catch (Exception e) {

jdk/src/java.base/unix/classes/sun/net/sdp/SdpProvider.java

@@ -34,7 +34,6 @@ import java.io.File;
 import java.io.FileDescriptor;
 import java.io.IOException;
 import java.io.PrintStream;
-import java.security.AccessController;
 
 import sun.net.sdp.SdpSupport;
 import sun.security.action.GetPropertyAction;
@@ -57,8 +56,7 @@ public class SdpProvider extends NetHooks.Provider {
 
     public SdpProvider() {
         // if this property is not defined then there is nothing to do.
-        String file = AccessController.doPrivileged(
+        String file = GetPropertyAction.getProperty("com.sun.sdp.conf");
-            new GetPropertyAction("com.sun.sdp.conf"));
         if (file == null) {
             this.enabled = false;
             this.rules = null;
@@ -77,8 +75,7 @@ public class SdpProvider extends NetHooks.Provider {
 
         // check if debugging is enabled
         PrintStream out = null;
-        String logfile = AccessController.doPrivileged(
+        String logfile = GetPropertyAction.getProperty("com.sun.sdp.debug");
-            new GetPropertyAction("com.sun.sdp.debug"));
         if (logfile != null) {
             out = System.out;
             if (logfile.length() > 0) {

jdk/src/java.base/unix/classes/sun/net/www/protocol/http/ntlm/NTLMAuthentication.java

@@ -39,6 +39,7 @@ import sun.net.www.HeaderParser;
 import sun.net.www.protocol.http.AuthenticationInfo;
 import sun.net.www.protocol.http.AuthScheme;
 import sun.net.www.protocol.http.HttpURLConnection;
+import sun.security.action.GetPropertyAction;
 
 /**
  * NTLMAuthentication:
@@ -73,12 +74,9 @@ public class NTLMAuthentication extends AuthenticationInfo {
         NTLMAuthenticationCallback.getNTLMAuthenticationCallback();
 
     private String hostname;
-    private static String defaultDomain; /* Domain to use if not specified by user */
+    /* Domain to use if not specified by user */
-
+    private static String defaultDomain =
-    static {
+            GetPropertyAction.getProperty("http.auth.ntlm.domain", "");
-        defaultDomain = java.security.AccessController.doPrivileged(
-            new sun.security.action.GetPropertyAction("http.auth.ntlm.domain", ""));
-    };
 
     public static boolean supportsTransparentAuth () {
         return false;
@@ -143,8 +141,7 @@ public class NTLMAuthentication extends AuthenticationInfo {
         password = pw.getPassword();
         init0();
         try {
-            String version = java.security.AccessController.doPrivileged(
+            String version = GetPropertyAction.getProperty("ntlm.version");
-                    new sun.security.action.GetPropertyAction("ntlm.version"));
             client = new Client(version, hostname, username, ntdomain, password);
         } catch (NTLMException ne) {
             try {

jdk/src/java.base/unix/classes/sun/nio/ch/DefaultAsynchronousChannelProvider.java

@@ -26,7 +26,6 @@
 package sun.nio.ch;
 
 import java.nio.channels.spi.AsynchronousChannelProvider;
-import java.security.AccessController;
 import sun.security.action.GetPropertyAction;
 
 /**
@@ -60,8 +59,7 @@ public class DefaultAsynchronousChannelProvider {
      * Returns the default AsynchronousChannelProvider.
      */
     public static AsynchronousChannelProvider create() {
-        String osname = AccessController
+        String osname = GetPropertyAction.getProperty("os.name");
-            .doPrivileged(new GetPropertyAction("os.name"));
         if (osname.equals("SunOS"))
             return createProvider("sun.nio.ch.SolarisAsynchronousChannelProvider");
         if (osname.equals("Linux"))

jdk/src/java.base/unix/classes/sun/nio/ch/UnixAsynchronousSocketChannelImpl.java

@@ -31,7 +31,6 @@ import java.net.*;
 import java.util.concurrent.*;
 import java.io.IOException;
 import java.io.FileDescriptor;
-import java.security.AccessController;
 import sun.net.NetHooks;
 import sun.security.action.GetPropertyAction;
 
@@ -47,8 +46,8 @@ class UnixAsynchronousSocketChannelImpl
 
     private static final boolean disableSynchronousRead;
     static {
-        String propValue = AccessController.doPrivileged(
+        String propValue = GetPropertyAction
-            new GetPropertyAction("sun.nio.ch.disableSynchronousRead", "false"));
+                .getProperty("sun.nio.ch.disableSynchronousRead", "false");
         disableSynchronousRead = (propValue.length() == 0) ?
             true : Boolean.valueOf(propValue);
     }

jdk/src/java.base/unix/classes/sun/nio/fs/DefaultFileSystemProvider.java

@@ -26,7 +26,6 @@
 package sun.nio.fs;
 
 import java.nio.file.spi.FileSystemProvider;
-import java.security.AccessController;
 import sun.security.action.GetPropertyAction;
 
 /**
@@ -55,8 +54,7 @@ public class DefaultFileSystemProvider {
      * Returns the default FileSystemProvider.
      */
     public static FileSystemProvider create() {
-        String osname = AccessController
+        String osname = GetPropertyAction.getProperty("os.name");
-            .doPrivileged(new GetPropertyAction("os.name"));
         if (osname.equals("SunOS"))
             return createProvider("sun.nio.fs.SolarisFileSystemProvider");
         if (osname.equals("Linux"))

jdk/src/java.base/unix/classes/sun/nio/fs/UnixFileSystem.java

@@ -31,7 +31,6 @@ import java.nio.file.spi.*;
 import java.io.IOException;
 import java.util.*;
 import java.util.regex.Pattern;
-import java.security.AccessController;
 import sun.security.action.GetPropertyAction;
 
 /**
@@ -57,8 +56,8 @@ abstract class UnixFileSystem
         // if process-wide chdir is allowed or default directory is not the
         // process working directory then paths must be resolved against the
         // default directory.
-        String propValue = AccessController.doPrivileged(
+        String propValue = GetPropertyAction
-            new GetPropertyAction("sun.nio.fs.chdirAllowed", "false"));
+                .getProperty("sun.nio.fs.chdirAllowed", "false");
         boolean chdirAllowed = (propValue.length() == 0) ?
             true : Boolean.valueOf(propValue);
         if (chdirAllowed) {

jdk/src/java.base/windows/classes/java/io/WinNTFileSystem.java

@@ -25,8 +25,8 @@
 
 package java.io;
 
-import java.security.AccessController;
 import java.util.Locale;
+import java.util.Properties;
 import sun.security.action.GetPropertyAction;
 
 /**
@@ -42,10 +42,9 @@ class WinNTFileSystem extends FileSystem {
     private final char semicolon;
 
     public WinNTFileSystem() {
-        slash = AccessController.doPrivileged(
+        Properties props = GetPropertyAction.getProperties();
-            new GetPropertyAction("file.separator")).charAt(0);
+        slash = props.getProperty("file.separator").charAt(0);
-        semicolon = AccessController.doPrivileged(
+        semicolon = props.getProperty("path.separator").charAt(0);
-            new GetPropertyAction("path.separator")).charAt(0);
         altSlash = (this.slash == '\\') ? '/' : '\\';
     }
 

jdk/src/java.base/windows/classes/java/net/DefaultDatagramSocketImplFactory.java

@@ -24,8 +24,7 @@
  */
 package java.net;
 
-import java.security.AccessController;
+import java.util.Properties;
-import java.security.PrivilegedAction;
 import sun.security.action.GetPropertyAction;
 
 /**
@@ -57,12 +56,11 @@ class DefaultDatagramSocketImplFactory
     static {
         Class<?> prefixImplClassLocal = null;
 
+        Properties props = GetPropertyAction.getProperties();
         preferIPv4Stack = Boolean.parseBoolean(
-                AccessController.doPrivileged(
+                props.getProperty("java.net.preferIPv4Stack"));
-                        new GetPropertyAction("java.net.preferIPv4Stack")));
 
-        String exclBindProp = AccessController.doPrivileged(
+        String exclBindProp = props.getProperty("sun.net.useExclusiveBind", "");
-                new GetPropertyAction("sun.net.useExclusiveBind", ""));
         exclusiveBind = (exclBindProp.isEmpty())
                 ? true
                 : Boolean.parseBoolean(exclBindProp);
@@ -70,8 +68,7 @@ class DefaultDatagramSocketImplFactory
         // impl.prefix
         String prefix = null;
         try {
-            prefix = AccessController.doPrivileged(
+            prefix = props.getProperty("impl.prefix");
-                new GetPropertyAction("impl.prefix", null));
             if (prefix != null)
                 prefixImplClassLocal = Class.forName("java.net."+prefix+"DatagramSocketImpl");
         } catch (Exception e) {

jdk/src/java.base/windows/classes/sun/net/www/protocol/http/ntlm/NTLMAuthentication.java

@@ -34,6 +34,7 @@ import sun.net.www.HeaderParser;
 import sun.net.www.protocol.http.AuthenticationInfo;
 import sun.net.www.protocol.http.AuthScheme;
 import sun.net.www.protocol.http.HttpURLConnection;
+import sun.security.action.GetPropertyAction;
 
 /**
  * NTLMAuthentication:
@@ -52,9 +53,8 @@ public class NTLMAuthentication extends AuthenticationInfo {
     private static String defaultDomain; /* Domain to use if not specified by user */
 
     static {
-        defaultDomain = java.security.AccessController.doPrivileged(
+        defaultDomain = GetPropertyAction.getProperty("http.auth.ntlm.domain",
-            new sun.security.action.GetPropertyAction("http.auth.ntlm.domain",
+                                                      "domain");
-                                                      "domain"));
     };
 
     private void init0() {

jdk/src/java.base/windows/classes/sun/nio/ch/FileDispatcherImpl.java

@@ -27,9 +27,9 @@ package sun.nio.ch;
 
 import java.io.FileDescriptor;
 import java.io.IOException;
-import java.security.PrivilegedAction;
 import jdk.internal.misc.SharedSecrets;
 import jdk.internal.misc.JavaIOFileDescriptorAccess;
+import sun.security.action.GetPropertyAction;
 
 class FileDispatcherImpl extends FileDispatcher {
 
@@ -119,13 +119,8 @@ class FileDispatcherImpl extends FileDispatcher {
     }
 
     static boolean isFastFileTransferRequested() {
-        String fileTransferProp = java.security.AccessController.doPrivileged(
+        String fileTransferProp = GetPropertyAction
-            new PrivilegedAction<String>() {
+                .getProperty("jdk.nio.enableFastFileTransfer");
-                @Override
-                public String run() {
-                    return System.getProperty("jdk.nio.enableFastFileTransfer");
-                }
-            });
         boolean enable;
         if ("".equals(fileTransferProp)) {
             enable = true;

jdk/src/java.base/windows/classes/sun/nio/fs/WindowsFileAttributes.java

@@ -27,7 +27,6 @@ package sun.nio.fs;
 
 import java.nio.file.attribute.*;
 import java.util.concurrent.TimeUnit;
-import java.security.AccessController;
 import jdk.internal.misc.Unsafe;
 import sun.security.action.GetPropertyAction;
 
@@ -115,8 +114,8 @@ class WindowsFileAttributes
     // indicates if accurate metadata is required (interesting on NTFS only)
     private static final boolean ensureAccurateMetadata;
     static {
-        String propValue = AccessController.doPrivileged(
+        String propValue = GetPropertyAction
-            new GetPropertyAction("sun.nio.fs.ensureAccurateMetadata", "false"));
+                .getProperty("sun.nio.fs.ensureAccurateMetadata", "false");
         ensureAccurateMetadata = (propValue.length() == 0) ?
             true : Boolean.valueOf(propValue);
     }