Proposal: Allow illegal reflective access by default in JDK 9
Peter Levart
peter.levart at gmail.com
Fri May 19 11:40:07 UTC 2017
On 05/19/2017 01:14 PM, Alan Bateman wrote:
> On 19/05/2017 11:58, Peter Levart wrote:
>
>> :
>>
>> ...the example works (does not throw exception), but when run with:
>>
>> --add-opens java.base/jdk.internal.misc=ALL-UNNAMED
>>
>> ...the example still works!!!! OOOPS - this is a bug!!! This is
>> definitely a bug.
> No, the behavior is correct as jdk.internal.misc.Unsafe is public and
> it's getUnsafe is public. It's different to sun.misc.Unsafe.
>
> However, you do have a point that opening all packages by default
> means that the internal Unsafe might need to be looked at again. The
> long term plan is to reduce the need for sun.misc.Unsafe but not by
> having libraries move to the internal Unsafe.
>
> BTW: For the security manager case then I assume you code fragment
> would need to accessClassInPackage.jdk.internal.misc permission.
Right, but such permission should not be sufficient, since it is
required only to obtain the jdk.internal.misc.Unsafe.class object (i.e.
for Class.forName("jdk.internal.misc.Unsafe"). I can play a trick here
to obtain such Class instance. For example:
public class Test {
public static void main(String[] args) throws Exception {
System.setSecurityManager(new SecurityManager());
Class<?> unsafeClass =
java.io.File.class.getDeclaredField("UNSAFE").getType();
Object theUnsafe = unsafeClass.getMethod("getUnsafe").invoke(null);
}
}
Ok, I need "accessDeclaredMembers" permission here, but you get the
picture...
Regards, Peter
>
> -Alan
More information about the jigsaw-dev
mailing list