Proposal: Allow illegal reflective access by default in JDK 9

Peter Levart peter.levart at
Fri May 19 14:27:53 UTC 2017

On 05/19/2017 04:05 PM, Alan Bateman wrote:
> On 19/05/2017 14:54, Peter Levart wrote:
>> :
>> Opening the whole JDK (--illegal-access=permit by default) means that 
>> all internal "public" APIs are made accessible if by chance someone 
>> can grab an instance of target object and/or an instance of 
>> Method/Field object. Imagine a JDK developer that thought that by 
>> putting a public type into a concealed package was equivalent to 
>> making the type module-private. This is a big surprise from the 
>> security perspective and jdk.internal.misc.Unsafe.getUnsafe() might 
>> not be a lone example.
> True although it's no different to JDK 8 and older behavior where all 
> public members of all public types in all packages were accessible to 
> code on the class path. 

Except that in the meanwhile a lot of internal code was written for JDK 
9 that assumed the level of privacy provided by concealed packages. This 
level is about to be changed by the proposal in the last minute...

> Furthermore, setAccessible could be use to hack everywhere. The 
> proposal is really just giving libraries and tools more time to sort 
> out their issues.
> -Alan

Regards, Peter

More information about the jigsaw-dev mailing list