Michał > On 14 Jan 2025, at 18:14, Code Ranger <coderanger2...@outlook.com> wrote: > > > On 1/14/25 18:50, Alan Bateman wrote: >> >> For the JDK modules then I think we need to understand more about the issues >> you are dealing with. Is this about serialization, or is this plugin code >> that needs to be fixed to not depend on JDK internals. We get it that you >> can't know all the bad things that these plugins might do but this doesn't >> mean it's a problem that should be solved. > > Why did you add --add-* parameters to JDK? Is it a problem that should be > solved? > > We are going in circles. I have explained in great detail the limitations of > the --add-* parameters.
I am a little lost now. OpenJDK developers say it is their goal NOT to enable any third party module to easily bypass integrity protections. “Easy” is the key word: they make it possible to do so, as your application can embed runtime configured with an agent or you can implement the solution described by Alex, but they make it difficult on purpose. And that is their goal. Yet they still ask you about the actual use case as they are open to the idea that maybe they missed something important and the goal as stated And you don’t provide any. Being myself a huge sceptic of the direction towards static linking - I fail to see what your goal is. Why do you think it should be easierfor your library to bypass built-in integrity protections? Michal
