Loading libraries from memory or jar files
Mike Hearn
mike at plan99.net
Fri Jan 17 17:21:29 UTC 2025
AFAIK Conveyor is the only tool that can (re)sign libraries inside jars so
you'll probably end up with either a mix of different signers or some code
being unsigned, unless you do a lot of manual scripting.
If you restrict your view to only Linux then code signing doesn't matter.
But the general trend is the same: apps are expected to be immutable
collections of files that don't modify their install directory or load code
from temporary directories, home directories, etc. Docker, FlatPak, RPM/DEB
all assume this, as does MSIX on Windows and the .app bundle format on
macOS.
You can try and fight this with ever weirder and more brittle hacks, or
accept the reality that apps should not be extracting shared libraries on
the fly from JARs in the first place. That was only ever a convenience for
developers and OS designers were never on board with it as a general
architectural pattern.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/panama-dev/attachments/20250117/46e40079/attachment.htm>
More information about the panama-dev
mailing list