Low level hooks in JDK for instrumentation of permission checks.

Alan Bateman Alan.Bateman at oracle.com
Thu Jun 10 06:22:24 UTC 2021

On 10/06/2021 03:49, Peter Firmstone wrote:
> Hi Sean,
> Sorry I've confused you.
> What I should have said is a ProtectionDomain with a null CodeSource.
> What I mean to ask is, where ProtectionDomain is created with a null 
> CodeSource, in Class::getProtectionDomain() can we have CodeSource's 
> that represents system modules instead of null?
> A CodeSource with URL's like jrt:/jdk.* or jrt:/java.*  for system 
> modules?

This is already the case for system modules that are mapped to the 
platform or application class loaders. I think your question is about 
modules that are mapped to the boot loader and whether they should get a 
unique PD that includes a useful code source rather than using a 
"shared" PD. That would be changing long standing behavior and would 
require careful analysis to see if anything would break.


More information about the jdk-dev mailing list