[External] : Re: JEP draft: Prepare to Restrict The Use of JNI
Alex Buckley
alex.buckley at oracle.com
Tue Aug 29 14:46:41 UTC 2023
On 8/29/2023 4:03 AM, Attila Kelemen wrote:
>
> How, today, can a user know if they use JNI?
> The point is to make it impossible for a user to be unaware of any
> JNI uses which *at the very minimum* requires you to declare it in
> the command line.
>
> Although *I absolutely* agree that it should also be added to the
> module-info, so instead of having to specify every module that uses
> JNI in the flag, you could only specify the Main module, and in
> there it's module-info will open the JNI usage for every module.
>
> But i don't think there is a way to make sure the users are aware of
> JNI usage without at least 1 flag
>
>
> Yes, and now many people proposed basically the same thing, that the
> main module should be able to declare it.
Other people have not proposed "basically the same thing", because they
insist that modules have a way to enable JNI with even _zero_ flags from
the user. For example, Glavo said:
"3. If the main module requires native access, it is allowed without the
--enable-native-access."
The difference between zero and one is all the difference in the world.
Zero flags means that the user is not aware of the risks posed by native
code to the application they are running. The whole point of this JEP is
to ensure the user is aware of the risks.
Alex
More information about the jdk-dev
mailing list