diff --git a/server/src/main/java/org/elasticsearch/bootstrap/Elasticsearch.java b/server/src/main/java/org/elasticsearch/bootstrap/Elasticsearch.java
index 69e252bf6cf00..f5be6dd07bb56 100644
--- a/server/src/main/java/org/elasticsearch/bootstrap/Elasticsearch.java
+++ b/server/src/main/java/org/elasticsearch/bootstrap/Elasticsearch.java
@@ -243,7 +243,8 @@ private static void initPhase2(Bootstrap bootstrap) throws IOException {
                 nodeEnv.configDir(),
                 nodeEnv.tmpDir()
             );
-        } else if (RuntimeVersionFeature.isSecurityManagerAvailable()) {
+        } else {
+            assert RuntimeVersionFeature.isSecurityManagerAvailable();
             // no need to explicitly enable native access for legacy code
             pluginsLoader = PluginsLoader.createPluginsLoader(modulesBundles, pluginsBundles, Map.of());
             // install SM after natives, shutdown hooks, etc.
@@ -253,10 +254,6 @@ private static void initPhase2(Bootstrap bootstrap) throws IOException {
                 SECURITY_FILTER_BAD_DEFAULTS_SETTING.get(args.nodeSettings()),
                 args.pidFile()
             );
-        } else {
-            // TODO: should we throw/interrupt startup in this case?
-            pluginsLoader = PluginsLoader.createPluginsLoader(modulesBundles, pluginsBundles, Map.of());
-            LogManager.getLogger(Elasticsearch.class).warn("Bootstrapping without any protection");
         }
 
         bootstrap.setPluginsLoader(pluginsLoader);