Log bundle implementations are often in unexported packages or extending non-public interfaces. In module mode, the stricter access control checks block access to the implementation class in these (and possibly other) cases.

We can gain access to the implementation class (and reduce our usage of security manager) using the new Java access control idioms by introducing variants to the getMessageLogger and getBundle methods which accept a MethodHandles.Lookup, and deprecate the old methods.

When given a Lookup, we can avoid using AccessController.doPrivileged at all.