Is it acceptable to globally and finally store the check for a security manager?
Given the following line of code:
public static final boolean SEC_ON = (System.getSecurityManager() != null);
Would it be acceptable to place this in a library and reuse the result throughout the lifetime of the JVM?
Why? or Why not?
[update] Similar code exists in the reference implementation of the Java EE - JSP specification. Any app server/servlet container which uses it will not support dynamic configuration of a SecurityManager.
After petitioning the Java EE user group on the subject (https://java.net/projects/javaee-spec/lists/users/archive/2013-08/message/8), it appears their stance is to not make any such determination about whether it's ok to do this or not.
So, sadly while we may wish the answer to be "you should not do that", the reality is that you cannot rely on that assumption, because someone is and will probably continue to do it.