[External] : Re: JEP draft: Prepare to Restrict The Use of JNI

Alex Buckley alex.buckley at oracle.com
Tue Aug 29 14:46:41 UTC 2023


On 8/29/2023 4:03 AM, Attila Kelemen wrote:
> 
>     How, today, can a user know if they use JNI?
>     The point is to make it impossible for a user to be unaware of any
>     JNI uses which *at the very minimum* requires you to declare it in
>     the command line.
> 
>     Although *I absolutely* agree that it should also be added to the
>     module-info, so instead of having to specify every module that uses
>     JNI in the flag, you could only specify the Main module, and in
>     there it's module-info will open the JNI usage for every module.
> 
>     But i don't think there is a way to make sure the users are aware of
>     JNI usage without at least 1 flag
> 
> 
> Yes, and now many people proposed basically the same thing, that the 
> main module should be able to declare it.

Other people have not proposed "basically the same thing", because they 
insist that modules have a way to enable JNI with even _zero_ flags from 
the user. For example, Glavo said:

"3. If the main module requires native access, it is allowed without the 
--enable-native-access."

The difference between zero and one is all the difference in the world. 
Zero flags means that the user is not aware of the risks posed by native 
code to the application they are running. The whole point of this JEP is 
to ensure the user is aware of the risks.

Alex


More information about the jdk-dev mailing list