Hello all, I was quite surprised when I learned that on short notice a change landed to jdk9 that by default disallows agent runtime attach. The JDK-8177154 mentiones that the implementation is desigend to keep random agents out while still allowing "cooperative troubleshooting tools". Otherwise -XX:+DisableAttachMechanism would have been sufficient.
As the vendor of troubleshooting and monitoring tools, we would like to know how we can be considered cooperative, to be still allowed to use the attach API. As of now, we use the attach API to monitor a vast number of JVMs in the wild. The description in the issue hints at that "self-elevation" of code via attach was the primary target, but that because such code could fork a new JVM to remote attach, this effectively cannot be prevented. I wonder why the self-elevation cannot be prevented using the SecurityManager? It would prevent VirtualMachine.loadAgent and variants of Runtime.exec. With disabling the attach API loadAgent() users no longer can use any monitoring or troubleshooting tool that uses javaagents that use instrumentation (that is not only us) Could vendors become certified to still be allowed to invoke the API? Is that the idea behind cooperative troubleshooting tools? I want to question the statement: 5. The change should only impact a small number of tools Has an evaluation been performed on what tools use the API and how many of them are affected? The notes also state that not resolving the jdk.attach module will not work because several tools use that API. I find this confusing. Aren't those tools also affected by turning off the loadAgent API? I would appreciate some information on this and how we can still function by default in the future. Best regards Fabian Lange -- Fabian Lange | VP of Engineering Mobile: +49 (0) 160.3673393 INSTANA Inc | 541 Jefferson Ave, Ste 100 | 94063 Redwood City, CA | United States INSTANA GMBH | Hochstraße 11 | 42697 Solingen | Deutschland Sitz der Gesellschaft: Solingen | HRB 26637 | Amtsgericht Wuppertal Geschäftsführer: Mirko Novakovic | Pavlo Baron
