Authorization Layer post JEP 411
Andrew Dinn
adinn at redhat.com
Thu Jun 3 08:47:43 UTC 2021
On 03/06/2021 08:28, Peter Firmstone wrote:
> Apologies, I meant when compiled to native code, when you ship native
> binaries.
I'm not sure what you mean here. Are you talking about native binaries
as generated by the GraalVM Native Image Generator? If you are
suggesting there is a disparity in behaviour between any such image and
the original app running on the JVM - whether specifically with respect
to how the stack walk APIs operate or more generally -- then I'd be
very interested to know the full details.
Note however that were any such disparity to exist then there is no onus
on the OpenJDK project to react to it. OpenJDK is based on a well
defined standard and is not beholden to decisions made by other projects
about how to translate Java code into a delivered executable.
> Having said that, if it's necessary to use StackWalker behind
> AccessController.doPrivileged going forward then lets do so, and maybe
> the native binary is a later feature.
>
> Hopefully my proposal is getting some consideration.
If you are proposing a change to Java then I think recommend that you
propose it relative to the current reference implementation of the Java
Language (and JVM) standards i.e. OpenJDK.
regards,
Andrew Dinn
-----------
Red Hat Distinguished Engineer
Red Hat UK Ltd
Registered in England and Wales under Company Registration No. 03798903
Directors: Michael Cunningham, Michael ("Mike") O'Neill
More information about the security-dev
mailing list