I recently added some security checking code to libgcj.  In particular
we now do access checking for reflection: Method calls and Field reads
and writes.

This breaks serialization quite dramatically.  Now uses of
serialization cause crashes, as we get into infinite recursion
catching and writing out IOExceptions.

Beyond the bugs in serialization that that must imply, I'm wondering
how the serialization code is supposed to deal with access checking.
I think we should be calling setAccessible(true) on all Field and
Method objects.  But should we be doing that as a privileged action?

Mark, I was really hoping you already knew about all this stuff.
Otherwise research is required.

See these gcj PRs for reference:

http://gcc.gnu.org/bugzilla/show_bug.cgi?id=11728
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=11737

The first one has a HashMap serialization fix.  It looks correct to
me, but I wanted to test it first.  But that can't be done until the
other problems are resolved...

Tom


_______________________________________________
Classpath mailing list
[EMAIL PROTECTED]
http://mail.gnu.org/mailman/listinfo/classpath
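
The pattern the message asks about, as an added example that is not part of the original post and is not libgcj or Classpath code: a reflective read of a private field fails the access check until setAccessible(true) is called, and wrapping only that call in a privileged action means a security manager checks the runtime's own protection domain instead of every caller on the stack. `Account` and `readPrivate` are hypothetical names.

```java
import java.lang.reflect.Field;
import java.security.AccessController;
import java.security.PrivilegedAction;

// Constructed sample class standing in for an object being serialized.
class Account {
    private String owner = "alice";
}

public class PrivilegedFieldAccess {
    // Hypothetical helper: reads a private field the way a serialization
    // runtime has to. Only setAccessible runs inside doPrivileged, so with a
    // security manager installed the ReflectPermission("suppressAccessChecks")
    // check stops at this class's protection domain. The accessible Field
    // object is never handed back to the caller.
    // Note: AccessController is deprecated for removal since Java 17, so
    // recent compilers print a warning here.
    static Object readPrivate(Object target, String name)
            throws NoSuchFieldException, IllegalAccessException {
        final Field f = target.getClass().getDeclaredField(name);
        AccessController.doPrivileged((PrivilegedAction<Void>) () -> {
            f.setAccessible(true);
            return null;
        });
        return f.get(target);
    }

    public static void main(String[] args) throws Exception {
        Account a = new Account();

        // Without the override, the reflection access check rejects the read.
        Field raw = Account.class.getDeclaredField("owner");
        try {
            raw.get(a);
            System.out.println("unexpected: private read allowed");
        } catch (IllegalAccessException e) {
            System.out.println("access check rejected read: " + e.getMessage());
        }

        // With the override enabled in a privileged action, the read succeeds.
        System.out.println("privileged read: " + readPrivate(a, "owner"));
    }
}
```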
