Lambdas and serialization
tom.hawtin at oracle.com
tom.hawtin at oracle.com
Tue Oct 19 12:50:47 PDT 2010
On 19/10/2010 16:44, Rémi Forax wrote:
> Lambda are not serializable, like java.lang.reflect.Method
> because it will create tons of security holes.
Having lambdas serialisable by default would rather put them out of
bounds for code that deals with other less trusted code. However, as
anonymous inner classes, it is not a security issue that they can be
serialisable if the creator explicitly wants them to be.
> BTW, inner classes have some trouble with serialUID.
Depends on the purpose. If you go right back serialisation was part of
making both data and code mobile. In a way that may be thought of as
object oriented (probably a dangerous thought). If the data and code is
in step, then the default serialVersionUID calculation is ideal.
Unfortunately provided mechnanisms for keeping data and code in step a
tad "lightweight" and this isn't really how serialisation appears to be
used these days.
Perhaps it would be useful to extend the SAM syntax to enums (SAMEs?),
for stateless lambdas. Or perhaps Java has deeper issues with objects
capturing state (compare against Simula).
Tom Hawtin
More information about the lambda-dev
mailing list