I would love to see that in the docs, as it easily allows multiple JVMs on the same host to have different security policies. Per the Java docs, "-Djava.security.properties=/path/to/java.security.properties" will override matching settings in the java.security policy file and "-Djava.security.properties==/path/to/java.security.properties" (two equals) will completely replace the java.security policy file. Customers can have JVM specific policy based on their use cases.

This would have its place somewhere in FIPS documentation, as it is how FIPS configuration can be approached.