Re: State of Serialization

2014-07-28 Thread Peter Firmstone
On 28/07/2014 7:28 PM, Peter Firmstone wrote: Updated files attached, including update to State of Serialization draft. For those who didn't get the attachment: *State of Java Serialization - Draft* Introduction The Java Serialization framework enables object state to be frozen, s

Re: State of Serialization

2014-07-28 Thread Peter Firmstone
Updated files attached, including update to State of Serialization draft. Note that the attached source code can be provided under the Oracle agreement. I'm a little time poor, so please contribute suggestions etc. Regards, Peter. On 26/07/2014 7:57 PM, Peter Firmstone wrote: I'

Re: State of Serialization

2014-07-26 Thread Peter Firmstone
I'm somewhat time poor at present, it's a draft. The intent is to open a discussion to: 1. Address security issues 2. Make Serializable2 API completely public and backward compatible with the existing serial stream protocol. 3. Allow Serializable to be switched off via a JVM switch On

Re: State of Serialization

2014-07-21 Thread Tom Hawtin
On 20/07/2014 11:57, Peter Firmstone wrote: Since private methods are only called by the ObjectOutputStream / ObjectInputStream, during de-serialisation, subclasses are not responsible for calling these methods, hence subclass ProtectionDomain's are not present in the Thread's AccessControlCont

State of Serialization

2014-07-20 Thread Peter Firmstone
David, I've gone over the list archives and read your earlier post about serializable constructors and agree with your post. The class SerialFields below represents the serial form of a Serializable object, the stream protocol would remain unchanged. SerialFields would be the equivalent of