#ReflectiveAccessByInstrumentationAgents

[Alan Bateman]

On 06/05/2016 09:47, Andrew Dinn wrote:
> What I don't want to do is export the API provided by a concealed
> class/package that exposes a module check -free setAccessible to
> anything other than the Byteman class which uses it. If I follow your
> suggestion then I would potentially expose setAccessible to any class in
> the system classpath. So, rather than use module import/export checks I
> think I need to employ a caller class check.
>
A caller check seems overkill here but to your point, yes, if you coerce 
the target module to export packages to the unnamed module of the app 
class loader then it means that anything on the class path can access 
public types in those packages or they can use setAccessible(true) to 
hack into non-public types and members. From your earlier mails then it 
might be that you only need to export to the unnamed module of the boot 
loader so maybe this is not a concern.

There are other more sophisticated approaches but I'm not sure if it's 
worth going into them now. For example deploying java agents as explicit 
modules (open question on whether this is needed in the short term) or 
using dynamic modules. I think that is a topic for another thread and 
another day.

-Alan