New proposal for #ReflectiveAccessToNonExportedTypes: Open modules & open packages
Remi Forax
forax at univ-mlv.fr
Tue Nov 1 15:11:50 UTC 2016
----- Original Message -----
> From: "John Rose" <john.r.rose at oracle.com>
> To: "David M. Lloyd" <david.lloyd at redhat.com>
> Cc: jigsaw-dev at openjdk.java.net
> Sent: Tuesday, 1 November 2016 15:04:33
> Subject: Re: New proposal for #ReflectiveAccessToNonExportedTypes: Open modules & open packages
> On Nov 1, 2016, at 9:53 AM, David M. Lloyd <david.lloyd at redhat.com> wrote:
>>
>> 1. It requires the target class to be initialized
>> 2. It requires the target class to proactively donate MethodHandles or a Lookup
>> to the lookup class
>
> Both of these can be overcome, though only by privileged code.
> The privileged code would forge (uh, "mint") a legitimate Lookup to the
> not-yet-initialized class.
> A "Vault" meta-framework doesn't need to inject a Lookup donation statement into
> anybody's <clinit>.
> Instead, it needs to do the super-user operation of making a trusted lookup.
> It must also fulfill the super-user *responsibility* of not leaking such
> lookups, just using them in a predictable, rule-based manner.
> — John
yes, being in java.lang.invoke is enough,
https://gist.github.com/forax/cab12206323ca2e5866c9f8e20ee6d40
Rémi