Disallowing the dynamic loading of agents by default
javalists at cbfiddle.com
Tue Apr 4 15:18:36 UTC 2017
> On Apr 3, 2017, at 3:36 PM, mark.reinhold at oracle.com wrote:
>> The sort of thing I am thinking about is, say, a module-wide
>> global analysis in the JIT guaranteeing that a call argument will only
>> ever be non-NULL, a positive int, or some such invariant that can fed
>> into an optimization phase. I can understand how a switch to disable
>> dynamic agent loading might be needed to underline that sort of guarantee.
> That's exactly the kind of thing we want to enable, long-term, and one
> reason why integrity is worth improving aside from any considerations
> of security -- and why suggestions by others to "just use a security
> manager" if you care about such things are beside the point.
There has always been a conflict between optimization and the ability to make changes to the program at runtime. I don’t see this as an “integrity” issue or related to modules. If a program (including a JDK) has been built with a certain level of optimization, then certain runtime changes either cannot be performed or will not have the intended effect. If, as an example that has been previously suggested, some agent needs to create a subclass of a final class, then the vendor of that agent needs to instruct their customers on how to ensure that their JDK/application can support this behavior.
More information about the jigsaw-dev