On 05/05/2016 17:31, Andrew Dinn wrote:
:
I looked at several ways of making this work and decided the best thing
was to have the agent redefine AccessibleObject.checkCanSetAccessible so
that it grants Byteman code (specifically one Byteman class called Rule)
free reign when it calls this method. This still retains security
manager checks made around this call. Choosing this method targets the
code which does module access checks.
This is very fragile because checkCanSetAccessible is not part of the
API and may go away or change at any time.
Have you looked at injecting code in the victim module that invokes
Module addExports to export the packages to the Byteman modules (modules
plural because it sounds like the code is split between the unnamed
module of the app class loader and the unnamed modulie of the boot loader).
-Alan
