JEP 200: The Modular JDK
Alan Bateman
Alan.Bateman at oracle.com
Wed Aug 27 20:56:28 UTC 2014
On 27/08/2014 21:13, David M. Lloyd wrote:
>
> I don't know about that. We're talking, as always, about the concepts
> of visibility as opposed to accessibility. Until now, all discussion
> has been in the context of visibility, which as I said (and MR agreed)
> is easily subverted - but then MR said he intends to "enforce module
> boundaries via access-control checks in the VM" which blurs the line
> considerably. So if we're now moving into accessibility territory
> across class loaders, we're definitely and squarely overlapping with
> AccessController and its related facilities - i.e. "does module X have
> permission to import module Y?". This is clearly a permission check,
> exactly like those done against the protection domain(s) of the
> module's class loader - why introduce a new mechanism when an existing
> matching solution exists?
>
For access control then think how accessibility specified in the JLS and
JVMS might evolve rather than java.security.AccessController,
permissions, and the security manager world. This is all discussion for
a future JEP and JSR of course.
-Alan
More information about the jigsaw-dev
mailing list