[FLINK-36902] Remove support for FlinkSecurityManager

[cushon]

What is the purpose of the change

This change removes references to the Security Manager API, for compatibility with JDK 24 and newer versions. Support for the Security Manager permanently disabled in JDK 24.

Brief change log

• usages of FlinkSecurityManager were removed
• usages of -Djava.security.manager=allow were removed

Verifying this change

This change is already covered by existing tests.

Does this pull request potentially affect one of the following parts:

• Dependencies (does it add or upgrade a dependency): no
• The public API, i.e., is any changed class annotated with @Public(Evolving): no
• The serializers: don't know
• The runtime per-record code paths (performance sensitive): don't know
• Anything that affects deployment or recovery: JobManager (and its components), Checkpointing, Kubernetes/Yarn, ZooKeeper: don't know
• The S3 file system connector: don't know

Documentation

• Does this pull request introduce a new feature? no

[flinkbot]

CI report:

• 0fd0ed5 Azure: FAILURE

Bot commands

The @flinkbot bot supports the following commands:

• @flinkbot run azure re-run the last Azure build

[davidradl]

The jira says it is to deprecate the FlinkSecurityManager, but the PR is removing it. It seems normal practise to deprecate prior to removing.

[cushon]

The JDK Security Manager APIs were deprecated in JDK 17 which was released in 2021, and it has been removed in JDK 24. This code doesn't build with DJK 24 and newer.

I'm not sure there's a great way to keep this functionality around in a deprecated state and support newer JDKs. It might be possible to do something with multi-release jars.

I guess another option would be to mark FlinkSecurityManager as deprecated, and then remove it in a later release, and wait until that later release for Flink to support JDK 24 and newer.