confluentinc / ksql

The database purpose-built for stream processing applications.
https://ksqldb.io

Allow external configuration of io.confluent.ksql.security.ExtensionSecurityManager #5920

Open appcrawler opened 4 years ago

appcrawler commented 4 years ago

Is your feature request related to a problem? Please describe.

Feature Request.

Describe the solution you'd like

As far as I can tell, io.confluent.ksql.security.ExtensionSecurityManager does not have an associated external configuration. This class prevents System.exit(), which is good, but what about cases in which a user needs to invoke JNI and a file needs to be written? The example I am thinking of is one which I ran across; namely, DL4J creates a .javacpp directory under the executing user's home directory. Until I set ksql.udf.enable.security.manager = false, instances of the DL4J class threw an exception surrounding the inability to create the noted directory.

Caused by: java.lang.UnsatisfiedLinkError: java.io.IOException: Could not create the cache: Set the "org.bytedeco.javacpp.cachedir" system property.

Even after setting the property noted and restarting, the same exception was thrown in the ksqlDB server log. I’m sure there are other examples.

Have we considered adding a config to point to an existing java.policy file that could be used to enforce permissions in ksqlDB?

Describe alternatives you've considered

Disabling the security manager, which is not acceptable to most organizations.

Additional context

N/A
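Added example, not part of the issue or of the ksqlDB code base: a standard Java policy file of the kind the request refers to, scoped to the DL4J/javacpp case described above. It assumes a setup in which the JVM's standard policy is actually enforced for UDF code; the extension directory path is a placeholder.

```text
// udf.policy (constructed example; the paths below are assumptions)
// Standard java.policy syntax. The codeBase URL is a placeholder for
// the directory that holds the UDF jars; "/-" matches it recursively.

grant codeBase "file:/opt/ksqldb/ext/-" {

    // javacpp extracts native libraries into a cache directory that
    // defaults to .javacpp under the executing user's home directory.
    permission java.io.FilePermission "${user.home}${/}.javacpp", "read,write";
    permission java.io.FilePermission "${user.home}${/}.javacpp${/}-", "read,write,delete";

    // Properties consulted to locate the cache directory.
    permission java.util.PropertyPermission "user.home", "read";
    permission java.util.PropertyPermission "org.bytedeco.javacpp.cachedir", "read";

    // Loading the extracted native libraries through JNI.
    permission java.lang.RuntimePermission "loadLibrary.*";

    // Deliberately absent: RuntimePermission "exitVM".
    // Without that grant, System.exit() from this code base is refused.
};
```

Under the standard access-control model every protection domain on the call stack must hold a permission for the check to pass, so the server's own jars would need matching grants unless the call runs inside a privileged block. The Security Manager and policy files are deprecated for removal as of Java 17 (JEP 411).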

stevenpyzhang commented 4 years ago

Kept the needs-triage label as I'm not sure what release we'd want to target for this.