Unsafe: removing the monitorEnter/monitorExit/tryMonitorEnter methods
David M. Lloyd
david.lloyd at redhat.com
Thu Mar 6 14:51:50 UTC 2014
On 03/06/2014 08:48 AM, Tom Hawtin wrote:
> On 04/03/2014 15:32, David M. Lloyd wrote:
>> On 03/03/2014 09:45 PM, David Holmes wrote:
>
>>> We should not introduce anything that allows something that was
>>> guaranteed to be safe by the language, to become unsafe.
>>
>> Define 'safe'. Because I don't think it's unsafe, any more than
>
> I believe even in the Java library it is common where a publicly
> accessible monitor is used to safeguard the integrity of security
> critical datastructures. Where monitorexit to become freely available,
> that would almost certainly be exploitable.
I would expect that in a security-critical section, such monitors would
be private, else they could be exploited in other ways.
--
- DML
More information about the core-libs-dev
mailing list