[External] : Re: JEP draft: Disallow the Dynamic Loading of Agents by Default
Ron Pressler
ron.pressler at oracle.com
Mon May 1 20:14:02 UTC 2023
> On 1 May 2023, at 18:08, Michał Kłeczek <michal at kleczek.org> wrote:
>
>
> I wonder if you are planning to define a formal grammar for all these command line options defining “integrity policies” as it surely looks to me like…
>
We already have! With the exception of --enable-native-access=M1,M2,M3, the access policy is declared by modules in their module-info.java files, using a grammar that is now part of the Java language. Flags such as --add-opens, --add-exports, and --patch-module, when used *in production* (as opposed to in whitebox testing, where the configuration should be created automatically by tools), are not a policy but an emergency override of the policy that signifies some technical debt in the code that needs to be resolved.
— Ron
More information about the jigsaw-dev
mailing list