From 6df09a0cbd9b905076e3836d1f3f9c10f474e640 Mon Sep 17 00:00:00 2001
From: Jesse Wilson <jessewilson@google.com>
Date: Thu, 7 Jan 2010 16:25:59 -0800
Subject: [PATCH] The SecurityManager doesn't work, so advertise that shouldn't
 be used.

---
 libcore/luni-kernel/src/main/java/java/lang/System.java   | 10 +++++++---
 libcore/luni/src/main/java/java/lang/SecurityManager.java |  6 +++++-
 2 files changed, 12 insertions(+), 4 deletions(-)

diff --git a/libcore/luni-kernel/src/main/java/java/lang/System.java b/libcore/luni-kernel/src/main/java/java/lang/System.java
index b97a75a65..aa78b1bc9 100644
--- a/libcore/luni-kernel/src/main/java/java/lang/System.java
+++ b/libcore/luni-kernel/src/main/java/java/lang/System.java
@@ -603,10 +603,14 @@ public final class System {
     }
 
     /**
-     * Sets the active security manager. Note that once the security manager has
-     * been set, it can not be changed. Attempts to do that will cause a
+     * <strong>Warning:</strong> security managers do <strong>not</strong>
+     * provide a secure environment for executing untrusted code. Untrusted code
+     * cannot be safely isolated within the Dalvik VM.
+     *
+     * <p>Sets the active security manager. Note that once the security manager
+     * has been set, it can not be changed. Attempts to do that will cause a
      * security exception.
-     * 
+     *
      * @param sm
      *            the new security manager.
      * @throws SecurityException
diff --git a/libcore/luni/src/main/java/java/lang/SecurityManager.java b/libcore/luni/src/main/java/java/lang/SecurityManager.java
index 8a04e926c..736d53722 100644
--- a/libcore/luni/src/main/java/java/lang/SecurityManager.java
+++ b/libcore/luni/src/main/java/java/lang/SecurityManager.java
@@ -41,7 +41,11 @@ import java.util.StringTokenizer;
 import org.apache.harmony.luni.util.PriviAction;
 
 /**
- * Provides security verification facilities for applications. {@code
+ * <strong>Warning:</strong> security managers do <strong>not</strong> provide a
+ * secure environment for executing untrusted code. Untrusted code cannot be
+ * safely isolated within the Dalvik VM.
+ *
+ * <p>Provides security verification facilities for applications. {@code
  * SecurityManager} contains a set of {@code checkXXX} methods which determine
  * if it is safe to perform a specific operation such as establishing network
  * connections, modifying files, and many more. In general, these methods simply
-- 
2.11.0