Serialization

Peter Jones pcj at roundroom.net
Mon Dec 21 06:07:35 PST 2009


On Dec 16, 2009, at 5:00 PM, Tom Hawtin wrote:
>
> However, from a security point of view automatically serialisable
> lambdas scares the hell out of me.

Tom is of course quite right that automatic serializability of the classes synthesized for lambda expressions could be dreadful security-wise. This was, after all, one of the primary motivations for the requirement to implement the Serializable interface (wish it were an annotation...).

People will naturally assume that these classes can only be instantiated by the enclosing class (where the lambda expression is evaluated), but keep in mind that any serializable class effectively has a public constructor (to which data from a hand-crafted stream can be passed). Expecting people to be wary of privileged code getting exposed this way seems unreasonable.

So I think that serializability must require an explicit opt-in for that reason alone-- not that I have a specific suggestion for how to express it (and I would still have plenty of other concerns).

-- Peter
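The point Peter makes above, that a serializable class has an effective public constructor that any byte stream can call, is easy to see in plain Java and just as easy to mitigate class by class. The following is an added example written for this page; it is not code from the lambda-dev thread or from the JDK. The class names (`SerializableEscapeHatch`, `Token`) are hypothetical, the `level` field is a constructed stand-in for privileged state, and the filter part assumes Java 9 or later (`ObjectInputFilter`); running it with `java SerializableEscapeHatch.java` additionally assumes Java 11 or later.

```java
import java.io.*;

// Added example (not from the lambda-dev thread): a Serializable class whose only
// constructor is private and validates its argument. Deserialization constructs an
// instance without running that constructor, so the invariant must be re-checked
// in readObject, and an allow-list filter keeps unexpected classes out entirely.
public final class SerializableEscapeHatch {

    // Hypothetical "privileged" object: the author intends that only create()
    // can produce one, and only with a level in 0..3.
    static final class Token implements Serializable {
        private static final long serialVersionUID = 1L;
        static int constructions = 0;          // static: not part of the stream
        private final int level;

        private Token(int level) {
            if (level < 0 || level > 3) throw new IllegalArgumentException("bad level");
            this.level = level;
            constructions++;
        }

        static Token create(int level) { return new Token(level); }

        int level() { return level; }

        // Deserialization bypasses the constructor (only the first non-serializable
        // superclass, here Object, is constructed), so the same invariant is
        // re-checked here. Without this hook the class accepts whatever the stream says.
        private void readObject(ObjectInputStream in) throws IOException, ClassNotFoundException {
            in.defaultReadObject();
            if (level < 0 || level > 3) {
                throw new InvalidObjectException("bad level in stream: " + level);
            }
        }
    }

    static byte[] serialize(Object o) throws IOException {
        ByteArrayOutputStream bos = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(bos)) {
            out.writeObject(o);
        }
        return bos.toByteArray();
    }

    static Object deserialize(byte[] bytes) throws IOException, ClassNotFoundException {
        try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(bytes))) {
            // Java 9+: an allow-list filter rejects any class other than Token before
            // its readObject ever runs. This is the independent second layer.
            in.setObjectInputFilter(
                ObjectInputFilter.Config.createFilter("SerializableEscapeHatch$Token;!*"));
            return in.readObject();
        }
    }

    public static void main(String[] args) throws Exception {
        byte[] good = serialize(Token.create(2));
        Token t = (Token) deserialize(good);
        // constructions stays at 1: the stream produced a second instance without
        // ever calling the private constructor.
        System.out.println("deserialized level=" + t.level()
                + ", constructor invocations=" + Token.constructions);

        // Stand-in for a hand-crafted stream: with one primitive field and no
        // object fields, the int value is the last four bytes of the default form.
        byte[] tampered = good.clone();
        int n = tampered.length;
        tampered[n - 4] = 0x7f;
        tampered[n - 3] = (byte) 0xff;
        tampered[n - 2] = (byte) 0xff;
        tampered[n - 1] = (byte) 0xff;
        try {
            deserialize(tampered);
        } catch (InvalidObjectException e) {
            System.out.println("rejected by readObject: " + e.getMessage());
        }

        // A class that is not on the allow-list is refused by the filter, so its
        // own deserialization code never executes.
        try {
            deserialize(serialize(new java.util.ArrayList<String>()));
        } catch (InvalidClassException e) {
            System.out.println("rejected by filter: " + e.getMessage());
        }
    }
}
```

The two layers address the two halves of the concern in the mail: `readObject` re-establishes the invariants a private constructor was supposed to guarantee, and the stream-level filter is the explicit opt-in on the receiving side, so a class that was never meant to arrive over the wire is rejected by name rather than trusted because it happens to implement `Serializable`.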
