RFR: 8229773: Resolve permissions for code source URLs lazily
Roger Riggs
Roger.Riggs at oracle.com
Thu Aug 15 15:27:29 UTC 2019
Looks good,
Thanks, Roger
On 8/15/19 11:22 AM, Claes Redestad wrote:
> (adding back core-libs-dev)
>
> Hi Roger,
>
> seems easy enough to add a writeReplace:
>
> http://cr.openjdk.java.net/~redestad/8229773/webrev.02
>
> /Claes
>
> On 2019-08-15 16:54, Roger Riggs wrote:
>> Hi Claes,
>>
>> I would recommend using writeReplace to serialize the
>> PermissionCollection so the serialized form does not change.
>> Though these are unlikely to be serialized, it will be less likely to
>> trigger some interoperability issue between different version. It may
>> need to be documented that serializing/deserializing does not retain
>> the lazyness.
>>
>> Roger
>>
>>
>> On 8/15/19 10:30 AM, Claes Redestad wrote:
>>> Hi Sean,
>>>
>>> On 2019-08-15 15:07, Sean Mullan wrote:
>>>> Hi Claes,
>>>>
>>>> I already reviewed an earlier version of this and this is pretty
>>>> similar. I did have a question about whether the default
>>>> serialization was ok - did you look into that more?
>>>
>>> ah, yes.. all the constituents are serializable (whether we wrap the
>>> CodeSource or its URL) so the new Lazy..Collection should be too. I was
>>> entertaining the idea that we could writeReplace the lazy collection
>>> with a PermissionCollection to avoid polluting serialization use cases
>>> with new type, but couldn't think of any real upside to that.
>>>
>>> /Clae
>>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/security-dev/attachments/20190815/668f8a43/attachment.htm>
More information about the security-dev
mailing list