Minor thoughts (Re: [External] : Re: JEP draft: Prepare to Restrict The Use of JNI

Glavo zjx001202 at gmail.com
Fri Sep 1 20:35:55 UTC 2023 

You're telling how wonderful a utopia really is, but it doesn't exist in
reality.

Yes, FFI is not trusted. But should all untrusted features be labeled
"untrusted" and treated equally?

Compared to FFI, we have a more dangerous feature: I/O.  Users can easily
break integrity via I/O (such as accessing /proc/pid/mem with
RandomAccessFile).
Also, not only can it be used to break the integrity of Java, it can be
used to break other programs and the operating system,
so why don't we  restrict this extremely dangerous feature first?

Of course, I know that  restricting I/O is relatively unrealistic. I just
want to explain: absolute integrity is impossible with Java.

The majority will be able to rest easy that their programs are portable and
> don't crash.
>

This is just an illusion created by fraud, please stop deceiving users.
Integrity itself is meaningless as long as the elephant is in the room,
let's focus on more utilitarian goals.

You talked a lot about the problems with FFI. I acknowledge that they
exist, but I don't think they can be easily solved.
In the past, many people used the internals of the JDK, but this was not an
essential requirement for them, so JPMS can regulate their behavior.
JNI is different from it, FFI is the real needs of users. And as far as I
know, JNI is rarely abused in the Java ecosystem, because most users prefer
pure Java when possible.
So restricting JNI like this doesn't really make users protected.

While I gladly respond to people on social media regardless of their tone,
> we try to aim for a higher standard of decorum and respect on the mailing
> lists.
>

I'm not good at English and I'm using Google Translate to write the email,
so my tone may be more straightforward.
If I've offended you before, I apologize for that.

But now I do get annoyed because you're clearly exaggerating the role of
integrity.
I need to calm down for a while to avoid being dominated by my emotions.

Glavo


On Sat, Sep 2, 2023 at 1:35 AM Ron Pressler <ron.pressler at oracle.com> wrote:

>
> >
> >> On Sep 1, 2023, at 5:08 AM, Ron Pressler <ron.pressler at oracle.com>
> wrote:
> >>
> >> In other words, it’s extremely hard for the author to know whether
> their application is carrying knives or not, and if so where to look if its
> handling them safely.
> >
> > Indeed. How does the flag solve this problem?
> >
>
> A future release may require the flag to allow native access. In that
> future application authors know with certainty that unless they've provided
> the flag, their application isn’t using any knives.
>
> For the moment, however, we’re talking about warnings. The warnings let
> you know if your program uses JNI, and, as the JEP says, we may also add an
> additional capability to jdeps to help you statically analyse your codebase
> for uses of restricted and native methods.
>
> — Ron
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/jdk-dev/attachments/20230902/ef39bfe6/attachment.htm>

More information about the jdk-dev mailing list