New proposal for #ReflectiveAccessToNonExportedTypes: Open modules & open packages
David M. Lloyd
david.lloyd at redhat.com
Tue Nov 1 14:39:01 UTC 2016
On 11/01/2016 09:23 AM, John Rose wrote:
> On Nov 1, 2016, at 10:22 AM, Jochen Theodorou <blackdrag at gmx.org> wrote:
>>
>> Can we clarify "privileged code"? Privileged like in a SecurityManager in a PrivilegedAction for example, for privileged like only jdk internal code? Just to see it black on white ;)
>
> Good question: I mean the basic JDK platform implementation. Something deep in java.base. Like Unsafe.
I don't see why this can't be a "regular" API though, rather than a
super-user sledgehammer every single time. If user code can be
statically granted access, and that user code can deliberately acquire a
narrowly-scoped object which can access those Lookups/*Handles, then
isn't that better than using Unsafe, which not only represents
unrestricted system-wide access, but can undermine even the JVM's
integrity if leaked?
--
- DML
More information about the jigsaw-dev
mailing list