RFR [9] 8148117: Move sun.misc.Cleaner to jdk.internal.ref

Alan Bateman Alan.Bateman at oracle.com
Tue Jan 26 14:32:43 UTC 2016

On 26/01/2016 14:05, Uwe Schindler wrote:
> Hi,
> looks good to me. Once we have EA builds with that I will adapt the ByteBufferIndexInput code in Lucene.
> One thing about the Runable: This should work perfectly fine, because we only need to make call the getCleaner() method accessible, call it and finally check if return type implements Runable (if not we fall back to pre Java 9 code). We can then cast and invoke the cleaner without any further reflection.
> But there is now some security related issue: The reflection on DirectBuffer should work in most environments (also with security managers), so you can get the Cleaner instance with a doPrivileged (ideally). But as this cleaner instance was previously inside sun.misc package, and you needed RuntimePermission "accessInPackage.sun.misc" to call and make the clean method accessible. But with the new patch you no longer need this permission, making it easier to invoke that method.
This is a private field so if you are hacking into it then you'll need 
ReflectPermission("suppressAccessChecks") when running with a security 
manager. Clearly anything with a reference to a Cleaner needs to be 
super careful not to let it leak to untrusted code.


More information about the core-libs-dev mailing list