On 05/05/2016 09:50 PM, Alan Bateman wrote:

On 05/05/2016 17:31, Andrew Dinn wrote:
:

I looked at several ways of making this work and decided the best thing
was to have the agent redefine AccessibleObject.checkCanSetAccessible so
that it grants Byteman code (specifically one Byteman class called Rule)
free rein when it calls this method. This still retains security
manager checks made around this call. Choosing this method targets the
code which does module access checks.

This is very fragile because checkCanSetAccessible is not part of the API and may go away or change at any time.

Have you looked at injecting code in the victim module that invokes Module addExports to export the packages to the Byteman modules (modules plural because it sounds like the code is split between the unnamed module of the app class loader and the unnamed module of the boot loader)?

-Alan

What about adding an all-powers addModuleExports(module, pn, other) method to java.lang.instrument.Instrumentation (like it was done with addModuleReads) to simplify the agent's task? An agent could be considered trusted code, couldn't it?

Regards, Peter
