On 10/09/2015 06:06, Robert Muir wrote:
:
Problems were basically all test/build related:
* API oddities around FileChannel required a better hack (thanks
Brian):
http://mail.openjdk.java.net/pipermail/nio-dev/2015-September/003322.html
This one is subtle is that it was using core reflection to call a
protected method in sun.nio.ch.FileChannelImpl. Static analysis with
tools such as jdeps don't find cases like this. Good to see that a
solution was found to this.
* Cleaning up a bunch of bad package accesses, these were already
TODOs in our test security policy, mostly just test bugs and the like.
"bad package accesses", do you mean direct use of JDK-internal classes?
As you mention security policy then I will guess that these must be
granting of accessClassInPackage.$PKG because the default policy when
running with a security manager does not allow direct access to sun.* APIs.
:
Overall I like how this stuff is more locked down. I do think a lot of
projects will need to cleanup their code. For both these projects I am
testing, we already had a nice head start: testing 9-ea versions
already, running tests with security manager, trying to whittle down
the bad package accesses for a while now, submit fixes to libraries we
depend on, etc.
Thanks for sending the mail with your experiences, this is exactly the
type of discussion we are interested in.
-Alan
