Proposal: Allow illegal reflective access by default in JDK 9
Peter Levart
peter.levart at gmail.com
Fri May 19 14:27:53 UTC 2017
On 05/19/2017 04:05 PM, Alan Bateman wrote:
> On 19/05/2017 14:54, Peter Levart wrote:
>
>> :
>>
>> Opening the whole JDK (--illegal-access=permit by default) means that
>> all internal "public" APIs are made accessible if by chance someone
>> can grab an instance of target object and/or an instance of
>> Method/Field object. Imagine a JDK developer that thought that
>> putting a public type into a concealed package was equivalent to
>> making the type module-private. This is a big surprise from the
>> security perspective and jdk.internal.misc.Unsafe.getUnsafe() might
>> not be a lone example.
> True although it's no different to JDK 8 and older behavior where all
> public members of all public types in all packages were accessible to
> code on the class path.
Except that in the meantime a lot of internal code was written for JDK
9 that assumed the level of privacy provided by concealed packages. This
level is about to be changed by the proposal at the last minute...
> Furthermore, setAccessible could be used to hack everywhere. The
> proposal is really just giving libraries and tools more time to sort
> out their issues.
>
> -Alan
Regards, Peter
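
An added Java example (not part of this thread and not JDK code) for auditing the exposure discussed above: it lists packages that a module's declaration conceals but that the running JVM nevertheless exports or opens to class-path code. The class name ConcealedPackageAudit and its helper methods are hypothetical; only standard java.lang.Module and java.lang.module.ModuleDescriptor calls are used.

```java
import java.lang.module.ModuleDescriptor;
import java.util.Set;
import java.util.TreeSet;
import java.util.stream.Collectors;
import java.util.stream.Stream;

// Hypothetical audit helper; run it from the class path (unnamed module).
public class ConcealedPackageAudit {

    /** Packages the module declaration itself exports or opens to everyone. */
    static Set<String> declaredForEveryone(Module m) {
        ModuleDescriptor d = m.getDescriptor();
        return Stream.concat(
                d.exports().stream().filter(e -> !e.isQualified())
                        .map(ModuleDescriptor.Exports::source),
                d.opens().stream().filter(o -> !o.isQualified())
                        .map(ModuleDescriptor.Opens::source))
                .collect(Collectors.toSet());
    }

    /** Concealed packages of m that class-path code can still reach at run time. */
    static Set<String> exposedTo(Module m, Module classPath) {
        Set<String> declared = declaredForEveryone(m);
        Set<String> exposed = new TreeSet<>();
        for (String pkg : m.getPackages()) {
            if (declared.contains(pkg)) continue;       // intended public API
            if (m.isOpen(pkg, classPath)) {
                exposed.add(pkg + " [open: deep reflection allowed]");
            } else if (m.isExported(pkg, classPath)) {
                exposed.add(pkg + " [exported: public members reachable]");
            }
        }
        return exposed;
    }

    public static void main(String[] args) {
        // The unnamed module of the system class loader stands for "code on the class path".
        Module classPath = ClassLoader.getSystemClassLoader().getUnnamedModule();
        int total = 0;
        for (Module m : ModuleLayer.boot().modules()) {
            ModuleDescriptor d = m.getDescriptor();
            if (d.isOpen() || d.isAutomatic()) continue; // everything is open by declaration
            Set<String> exposed = exposedTo(m, classPath);
            total += exposed.size();
            exposed.forEach(p -> System.out.println(m.getName() + "/" + p));
        }
        System.out.println(total + " concealed package(s) reachable from the class path");
    }
}
```

Comparing the output with and without `--illegal-access=permit`, on a JDK that accepts the option, shows which concealed packages the setting makes reachable.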
More information about the jigsaw-dev
mailing list