@Kubuxu it is only allowed to change once, the fml manager blocks further changes, thus it is still secure

Allowing VM setting SecurityManager is IMHO not right practice. I suggest rebuilding forge for people that need SM - with just the trow commented out.
It is for safety and ease. In theory you can use build in but then be ready to read every commit in new forge version.
Control flow can sometimes go in weird direction.

@Kubuxu allowing setsecuritymanager is totally safe since fml blocks it.

But future changes in fml might make something load before this and so on. So as I said, if you want to use be ready to audit every new commit in release.

@Kubuxu nothing will ever load before this. this is not the correct mechanism to sandbox servers anyways.

@Kubuxu also, reviewing every single fml commit is not that hard.

But it is more work every time than setting Jenkins with patch file.

As discussed before, this is not a proper solution and causes immense performance decreases. People have yet t provide any form of valid reason to have this ability.

@LexManos This should only provide a performance decrease if the delegate exists no?

Yeah, and I agree it's a solution to a non-existing problem.