Nick Williams wrote:
> I'm going to stick by my original assessment that I'm not convinced
> there's a security issue. It's possible that getClassContext() filters
> out classes the caller can't access, but nothing in the documentation
> indicates that's the case, so I'm operating under the assumption that it
> doesn't.
SecurityManager.getClassContext() is not available to unpriviliged callers, so
I don't think this a valid argument.
Given the security implications, the serialization issue and the need for weak
references, it seems to me that adding this to Throwable would be way too
expensive.
Adding a new API to collect a stack trace seems like a far better approach.
Here's my off the cuff proposal:
public final class StackFrame {
public Executable method();
public String getFileName();
public int getLineNumber();
public static StackFrame[] capture(int skipFrames, int maxLength, boolean
includeSourceInfo);
}
Regards,
Jeroen
