Review Request: 8221530: Caller sensitive methods not handling caller = null when invoked by JNI code with no java frames on stack

Alan Bateman Alan.Bateman at
Thu Mar 28 15:08:26 UTC 2019

On 28/03/2019 14:48, Peter Levart wrote:
> :
> In addition, if access from null caller is granted and it is performed 
> to a member in a "concealed" package, there's no warning displayed
The proposed check is that the package is exported unconditionally so it 
will fail, no warning needed. I think that is okay. I could imagine 
someone trying to argue that they run with `--add-exports 
java.base/<concealed-package>=ALL-UNNAMED` and they expect their JNI 
code to be able to reflect on the public members of public classes in 
that package but it hardly seems wroth it as JNI doesn't do access 
checks so it's pointless writing JNI code to use reflection.


More information about the core-libs-dev mailing list