question on exports to
Andrew Dinn
adinn at redhat.com
Thu Jun 2 08:41:27 UTC 2016
On 01/06/16 20:07, Alex Buckley wrote:
> Core Reflection is still bound by the Java language's notion of
> accessibility, so calling newInstance() on a Class or get() on a Field
> or invoke() on a Method will perform an access check in SE 9 just like
> in SE 8. The access check has two parts, as previously discussed, but by
> policy the first part (X-reads-Y) is a "yes" for these reflective
> operations ... that leaves second part where the underlying
> class/field/method must be exported to the code calling
> newInstance()/get()/invoke(). That's why setAccessible has been
> @CallerSensitive since the module system implementation was merged into
> JDK 9.
That's not quite true at present since this exports test need not be
passed when the caller module is java.base i.e. the current permissions
are wider than you state.
Alan Bateman explained to me that that this was merely a heuristic to
enable the current Jigsaw implementation to work. If/when that heuristic
is removed then is the intention that the condition for reflective
access will reduce simply to the exports check or will there still be a
need for some slightly wider condition? If the latter then how will the
condition be widened?
regards,
Andrew Dinn
-----------
Senior Principal Software Engineer
Red Hat UK Ltd
Registered in England and Wales under Company Registration No. 03798903
Directors: Michael Cunningham, Michael ("Mike") O'Neill, Eric Shander
More information about the jigsaw-dev
mailing list