Lambdas and serialization

Bob Lee crazybob at
Wed Oct 20 08:32:53 PDT 2010

On Tue, Oct 19, 2010 at 11:19 AM, Rémi Forax <forax at> wrote:

> If you can serialize a lambda, you are able to forge a binary blob which
> once decoded by the serialization
> is a reference any private method.

FWIW, normal Java Method instances aren't serializable simply because they
may not exist from VM to VM. You're typically able to look up private
methods, even if you can't invoke them. The security checks happen when you
try to invoke them.

That's not to say lambdas will work this way.


More information about the lambda-dev mailing list