It's not too late for access control
Claes Redestad
claes.redestad at oracle.com
Fri Jul 15 23:39:43 UTC 2016
On 2016-07-16 01:16, Eric Johnson wrote:
> Hmmm....
>
> On 7/15/16 1:10 PM, Claes Redestad wrote:
>> It's still perfectly possible to break through to non-exported
>> packages: it will simply require use of either new flags
>> (addExports/addReads, upgraded modules etc) or use of the newly added
>> extensions to the reflection API. And as has been stated again and
>> again elsewhere: setAccessible and friends are not going anywhere soon.
> Let me play out an analogy: City upgrades the building codes. You as a
> home owner are not required to upgrade to conform, unless:
>
> * house undergoes a significant, externally visible change
> * buy/sell transaction
>
> (In other words, when the owner clearly demonstrates they likely have
> the financial resources to conform.)
>
> With JDK 9, however, we all know that JDK 8 will fall out of support.
> Which means that changes in JDK 9 /must/ be accommodated by any project
> / product that wishes to maintain viability past the support window for
> JDK 8. Except, given the maturity of the Java ecosystem, in most cases
> most projects don't want to change, or fundamentally don't need to change.
>
> So, based on what you're saying about the act of "simply require" a
> small amount of new configuration, or a few code tweaks - JDK 9 is sort
> of like having the building codes change, and being given a very short
> window to conform - or be forced to move out.
>
> I think that's where the "tea party" analogy that Gregg came up with
> comes out. It feels like government usurpation. Maybe it is done with
> the best of intentions - just like an upgrade to building codes might be
> - but /forcing/ everyone to change is counterproductive.
Running with that analogy: most applications can opt out of "going
modular" and stick with putting everything on the classpath. Many
applications we run internally run just fine on JDK 9 without any
modifications, and can likely continue to do so through many major
releases to come. Sooner or later the opportunity cost of not upgrading
to a modular approach might grow too large, but I think most will
experience a more gentler pressure to upgrade than you're suggesting.
The obvious exception is of course those applications which ignored all
the warnings and use non-public internals - I guess the home owner
analogy equivalent would be someone hooking up to the power grid in
some unordained or illegal way: Should the government be blocked from
doing much-needed upgrades to the power grid for everyone since some
use unlicenced equipment? Would it be OK if they did so with some due
warning (major release)? Or should they be free to do whatever,
whenever (minor, patch or security release)?
/Claes
More information about the jigsaw-dev
mailing list