[External] : Re: JEP draft: Prepare to Restrict The Use of JNI

Glavo zjx001202 at gmail.com
Tue Aug 29 15:01:07 UTC 2023 

>
> "3. If the main module requires native access, it is allowed without the
> --enable-native-access."
>
> The difference between zero and one is all the difference in the world.
> Zero flags means that the user is not aware of the risks posed by native
> code to the application they are running. The whole point of this JEP is
> to ensure the user is aware of the risks.
>

You are twisting my words, please don't take them out of context.

This is my original words:

Here's what I want:
>
> 1. Allows a module to declare that it wants native access:
>
> ```java
>
> module org.glavo.mylib {
>     requires native; // Check for permissions when loading
>
>     // or
>     requires static native;  // Check for permission when calling a
> restricted method
>
> }
>
> 2. Allows a module with native access enabled to grant permissions to
> other modules:
>
> ```java
>
> module org.glavo.myapp {
>     requires native;
>     requires org.glavo.mylib;
>
>     opens native to org.glavo.mylib;
>
> }
>
>
> 3. If the main module requires native access, it is allowed without the
> --enable-native-access.
>
> 4. Allows users to declare restricted methods.
>     This will prevent code from masking its true intent through low-level
> libraries like JNA/JNR.
>
>
I never wanted zero flags. I want modules to always need to declare
themselves needing native access in module info.
The only difference between the main module and other modules is that it
does not need to be granted permissions by other modules,
as I believe the end user has the right to make decisions.

Glavo

On Tue, Aug 29, 2023 at 10:46 PM Alex Buckley <alex.buckley at oracle.com>
wrote:

> On 8/29/2023 4:03 AM, Attila Kelemen wrote:
> >
> >     How, today, can a user know if they use JNI?
> >     The point is to make it impossible for a user to be unaware of any
> >     JNI uses which *at the very minimum* requires you to declare it in
> >     the command line.
> >
> >     Although *I absolutely* agree that it should also be added to the
> >     module-info, so instead of having to specify every module that uses
> >     JNI in the flag, you could only specify the Main module, and in
> >     there it's module-info will open the JNI usage for every module.
> >
> >     But i don't think there is a way to make sure the users are aware of
> >     JNI usage without at least 1 flag
> >
> >
> > Yes, and now many people proposed basically the same thing, that the
> > main module should be able to declare it.
>
> Other people have not proposed "basically the same thing", because they
> insist that modules have a way to enable JNI with even _zero_ flags from
> the user. For example, Glavo said:
>
> "3. If the main module requires native access, it is allowed without the
> --enable-native-access."
>
> The difference between zero and one is all the difference in the world.
> Zero flags means that the user is not aware of the risks posed by native
> code to the application they are running. The whole point of this JEP is
> to ensure the user is aware of the risks.
>
> Alex
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/jdk-dev/attachments/20230829/34122ee7/attachment-0001.htm>

More information about the jdk-dev mailing list