On 4/15/22 10:46 PM, Peter Firmstone wrote:
To securely instrument access controls onto public Java API, we need to
have the ability to disable finalizers, to prevent finalizer attacks
from circumventing access controls.
Since finalizers are planned for removal, as soon as finalizers are
offic
To securely instrument access controls onto public Java API, we need to
have the ability to disable finalizers, to prevent finalizer attacks
from circumventing access controls.
Since finalizers are planned for removal, as soon as finalizers are
officially deprecated, I propose a command line f
