Code signing [Was: JEP draft: Prepare to Restrict The Use of JNI]

Andrew Haley aph-open at littlepinkcloud.com
Thu Sep 7 12:40:51 UTC 2023


On 9/6/23 20:01, Attila Kelemen wrote:
> However, why would we need a signature for this? If some of the jars are malicious, then we are screwed even with Java only. If they are not malicious, then a simple manifest entry (or a combination of multiple) for the group seems enough. For example, it would be enough, I think, if we could enable native access on the basis of some manifest entries, like writing `--enable-native-by-manifest="Vendor=MyCompany,Native-Libs=my-native-libs"` (where both "Vendor" and "Native-Libs" would be a key in the manifest).

What exactly do you mean by "the manifest entry"? Which manifest? In the
library? Does the application need a transitive list of its dependencies?
How does this scale? Who gets to decide?

-- 
Andrew Haley  (he/him)
Java Platform Lead Engineer
Red Hat UK Ltd. <https://www.redhat.com>
https://keybase.io/andrewhaley
EAC8 43EB D3EF DB98 CC77 2FAD A5CD 6035 332F A671
