On Wed, 17 Jul 2024 17:47:11 GMT, Chen Liang <[email protected]> wrote:
> Please review this change that moves `Class.protectionDomain` and `signers`
> to explicit fields.
>
> Related native methods in `Class` and `AccessController::getProtectionDomain`
> are converted to pure Java. These fields are still set and used by hotspot.
> Also fixes the incorrect `protectiondomain_signature` in `vmSymbols`, which
> is actually an array descriptor.
>
> Note that these new fields are not filtered: filtering in early bootstrap
> requires other unrelated adjustments as we can't even use hashCode on String,
> and filtering is not proper encapsulation either.
Offline discussion with Chen and I think the advice is to drop all the changes
for ProtectionDomain for now. This area will change significantly as part of
the SecurityManager removal work.
src/java.base/share/classes/jdk/internal/access/JavaLangAccess.java line 430:
> 428: * {@link Class#getProtectionDomain()}
> 429: */
> 430: ProtectionDomain protectionDomain(Class<?> c, boolean raw);
I don't think we should expose this outside of java.lang.
-------------
PR Comment: https://git.openjdk.org/jdk/pull/20221#issuecomment-2233996684
PR Review Comment: https://git.openjdk.org/jdk/pull/20221#discussion_r1681559624
