Authorization layer API and low level access checks.
Peter Firmstone
peter.firmstone at zeus.net.au
Thu Jun 24 06:29:26 UTC 2021
Thanks Remi,
We're still building on 8, for CORBA-IIOP stubs, but will look into this
when we've found an alternative IIOP stub compiler.
--
Regards,
Peter
On 23/06/2021 8:02 pm, Remi Forax wrote:
> ----- Mail original -----
>> De: "Andrew Dinn" <adinn at redhat.com>
>> À: "Peter Firmstone" <peter.firmstone at zeus.net.au>, "discuss" <discuss at openjdk.java.net>
>> Cc: "security-dev" <security-dev at openjdk.java.net>
>> Envoyé: Mercredi 23 Juin 2021 11:19:42
>> Objet: Re: Authorization layer API and low level access checks.
>> OHi Peter,
>>
>> n 23/06/2021 04:02, Peter Firmstone wrote:
>>> 1. StackWalker - Can stack walker be back ported to Java 8?
>> The right place to ask about this is the jdk8u updates project list.
>> However, you probably don't need to ask there because the answer is
>> almost certainly going to be a very loud no.
>>
>> JDK8u is in long term maintenance mode. The goal of the updates project
>> for that release is to fix security issues and critical bugs *and
>> nothing else* so that existing deployments remain stable as far as
>> possible. Except when required to meet those goals backporting of new
>> functionality is done only under exceptional circumstances.
>>
>> The only recent examples of new function backports that I am aware of
>> have involved merging up functionality from downstream releases in order
>> to 1) unify the platform and 2) enable downstream contributors to help
>> to maintain a single, standard release i.e. highly exceptional cases
>> where there was a problem for existing users. Your request, by contrast,
>> is exactly the sort of case that maintainers are trying to avoid -- it
>> will introduce change with no gain and the potential of breakage for the
>> vast majority of users.
>>
>> If you want to deal with deployments pre and post removal of the
>> Authorization support that you currently rely on I suggest you consider
>> doing that by using a multi-release implementation and package it using
>> the multi-release jar format. If you don't like the idea of
>> multi-release jars you can still implement a standard jar format
>> solution using a provider model. However, you will still need to build
>> the alternative provider jars using the relevant JDK releases so that
>> different providers can rely on different JDK capabilities..
> Technically, you may not need several JDKs because you can ask javac to behave as if it was compiling like a previous JDK using the option "--release" (this option is also available with Maven and Gradle).
> I believe that compiling as the release 8 will be supported up to Java 23.
>
>> regards,
>>
>>
>> Andrew Dinn
>> -----------
>> Red Hat Distinguished Engineer
>> Red Hat UK Ltd
>> Registered in England and Wales under Company Registration No. 03798903
>> Directors: Michael Cunningham, Michael ("Mike") O'Neill
> regards,
> Rémi
More information about the security-dev
mailing list