Nathan Beyer wrote:
> I just looked at the changes you made and have a question about this
> snippet.
>
> + if (VM.callerClassLoader() != null) {
> + throw new SecurityException("Unsafe");
> + }
>
> I just want to understand what this actually means. If the
> 'callerClassLoader' is null, then the caller is the bootstrap class
> loader, correct? Assuming that's correct, we're asserting that only
> classes in the bootstrap class loader can call Unsafe, correct?
Exactly, we are saying that only 'system' code (i.e. that on the
bootclasspath) can get an instance of Unsafe because of the inherent
dangers in the Unsafe APIs. It is then the responsibility of such
system code not to release the instance of Unsafe to application code.
Regards,
Tim
--
Tim Ellison ([EMAIL PROTECTED])
IBM Java technology centre, UK.
