----- Mail original ----- > De: "John Rose" <john.r.r...@oracle.com> > À: "David M. Lloyd" <david.ll...@redhat.com> > Cc: jigsaw-dev@openjdk.java.net > Envoyé: Mardi 1 Novembre 2016 15:04:33 > Objet: Re: New proposal for #ReflectiveAccessToNonExportedTypes: Open modules > & open packages
> On Nov 1, 2016, at 9:53 AM, David M. Lloyd <david.ll...@redhat.com> wrote: >> >> 1. It requires the target class to be initialized >> 2. It requires the target class to proactively donate MethodHandles or a >> Lookup >> to the lookup class > > Both of these can be overcome, though only by privileged code. > The privileged code would forge (uh, "mint") a legitimate Lookup to the > not-yet-initialized class. > A "Vault" meta-framework doesn't need to inject a Lookup donation statement > into > anybody's <clinit>. > Instead, it needs to do the super-user operation of making a trusted lookup. > It must also fulfill the super-user *responsibility* of not leaking such > lookups, just using them in a predictable, rule-based manner. > — John yes, being in java.lang.invoke is enough, https://gist.github.com/forax/cab12206323ca2e5866c9f8e20ee6d40 Rémi
