Minor thoughts (Re: [External] : Re: JEP draft: Prepare to Restrict The Use of JNI
Michał Kłeczek
michal at kleczek.org
Sat Sep 2 12:23:58 UTC 2023
> On 2 Sep 2023, at 11:25, Ron Pressler <ron.pressler at oracle.com> wrote:
>
>
> They do not need to see the flag even if the flag is there. We’re talking about flags passed to the JVM, not to the application launcher. Also, all JVM flags can, as always, be put in configuration @files;
The direction more and more looks to me like good old policy files albeit with informal ad-hoc syntax :) (and ad-hoc enforcement mechanism).
Granted - at this moment we are only talking about guarding platform integrity (however defined) but the issues faced right now are probably very similar to issues that would be faced when moving from opt-in to opt-out SecurityManager.
I am wondering how the flags affect modules loaded by custom module loading frameworks defining their own layers with possible module name conflicts.
—
Michal
More information about the jdk-dev
mailing list