Suggestion: allow accessible reflection on protected methods of exported types.
Jochen Theodorou
blackdrag at gmx.org
Tue Jan 10 16:48:05 UTC 2017
On 10.01.2017 15:40, Andrew Dinn wrote:
[...]
> That's possible because an agent can use its Instrumentation instance to
> 'export open' the MethodHandles package to a module of its own making
> and then create the Lookup from within that module.
but that won't work for me in Groovy as a library. The other modules are
already alive and there are instance from classes of those I need to
work with. Even if I created a new Layer depending on bootstrap and add
there manually all of the modules and add "opens" to them I will still
get into trouble I assume, because I strongly expect those classes not
be identical with the original classes. This works then only if I add my
own module loader, which replaces the one used by jigsaw. Which is again
highly intrusive. Imagine for example me adding something like that to
jboss...
But... hmm... if you create a Lookup from within that module, why do you
still need to add export open? The Lookup then has full rights even
without "export open" I would have expected.
> Obviously this is not a 'legitimate' way to create a Lookup -- hijacking
> an internal API is never safe (irrespective of how unlikely it is that
> the API might change or disappear). John Rose has raised an issue to
> look into providing a /legitimate/ way of making Lookups available to
> interested 3rd parties:
>
> https://bugs.openjdk.java.net/browse/JDK-8162494
>
> If you have any input to provide as to how this might be done without
> (as John says) 'giving away the store' I am sure it would be listened to
> with interest.
Since the current mechanism with the security manager is deemed to be
not good enough anymore I actually fail to suggest something, since that
is exactly something I would expect the SecurityManager to handle.
bye Jochen
More information about the jigsaw-dev
mailing list