RFR: 8217920: Lookup.defineClass injects a class that can access private members of any class in its own module [v2]
Mandy Chung
mchung at openjdk.org
Fri Jan 27 17:41:45 UTC 2023
On Fri, 27 Jan 2023 17:07:08 GMT, Mandy Chung <mchung at openjdk.org> wrote:
>> src/java.base/share/classes/java/lang/Module.java line 605:
>>
>>> 603: * {@link java.lang.invoke.MethodHandles.Lookup Lookup} object that is allowed to
>>> 604: * {@link java.lang.invoke.MethodHandles.Lookup#defineClass(byte[]) define classes}
>>> 605: * in package {@code p}. </p>
>>
>> I wonder if this should be an apiNote rather method description. There is also the no-arg isOpen method and maybe we should add a note there too. What would you think about linking "deep reflection" to AccessibleObject.setAccesssible(boolean) ?
>
>> I wonder if this should be an apiNote rather method description.
>
> I considered this and no clear cut on this. I don't have a strong opinion on this. What do you think?
I updated with apiNote, which is clearer.
-------------
PR: https://git.openjdk.org/jdk/pull/12236
More information about the core-libs-dev
mailing list