On Thu, 29 Apr 2021 10:31:29 GMT, Maurizio Cimadamore <mcimadam...@openjdk.org> wrote:
> I think I expect that, with caller sensitive, it is possible from a client in > an "enabled" module to obtain a MethodHandle, and then pass it to an > unprivileged module, which then calls it, and works ok. This matches my > expectation (this trick could be used also to give a client access to an > otherwise inaccessible - in the classic sense - method). > > So, when working with method handles, I'm completely fine working with the > lookup class as context (and not with the real caller class). Good, this matches the behavior of method handles for CSMs. However, I think the implementation does the opposite since we don't support interface method being CSM. Can you test that out? > Given all this, do you agree that current checks are not affected by > interface-ness of some of the methods involved? I think the implementation does not support that. I will also need to look into how this impacts JDK-8266010. As I suggest earlier, I'm fine to do this as a follow up after integration. ------------- PR: https://git.openjdk.java.net/jdk/pull/3699
