[
https://issues.apache.org/jira/browse/GROOVY-8339?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16833034#comment-16833034
]
Jochen Theodorou commented on GROOVY-8339:
------------------------------------------
I just remembered what was bothering and why I did not follow the route you
guys currently follow. But my aim was more for allowing named Modules in
Groovy... anyway:
Let us assume we have the Modules M1 and M2 written in Groovy, both have public
and private API. Anything in M1 is allowed to access anything in M1, anything
in M2 is allowed to access anything in M2. Anything in M1 is allowed to access
the public API of M2, but not the private API. Similar anything in M2 is
allowed to access the public API in M1, but not the private API.
Now, if you take a public API class from M1 and make a call m() to the private
API of M1, this call is allowed, but it will also init the meta class for said
class. Now assume you make a call from M2 to M1 and get an object back,
implementing the public API, but being itself of said private API class of M1.
If you now call m() you will get denied by the module system. Imagine it is not
m(), but m(X) and there is also an accessible method m(Y), which would be
callable as well, but X is the more precise type... Then method selection would
have to use m(X) for the call from M1 and m(Y) for the call from M2. But
because the meta class/ cached class is already initialized, this would not
happen. Worse is the reverse case.
You could think that if the init is done using what the Groovy module can see,
then there is one essential point to be considered... the private APIs of M1
and M2 are not visible even to a Groovy module. That means to correctly reflect
the case above not only do we have to make method selection dependent on the
module, the call itself must not be done from the caller module. This rules out
completely Reflection the way we use it and our cuirrent callsite caching, only
leaving direct method calls and invokedynamic.
> Fix warning "An illegal reflective access operation has occurred"
> -----------------------------------------------------------------
>
> Key: GROOVY-8339
> URL: https://issues.apache.org/jira/browse/GROOVY-8339
> Project: Groovy
> Issue Type: Improvement
> Components: groovy-jdk
> Affects Versions: 2.4.11, 2.4.15
> Environment: >gradle --version
> Gradle 4.2
> Build time: 2017-09-20 14:48:23 UTC
> Revision: 5ba503cc17748671c83ce35d7da1cffd6e24dfbd
> Groovy: 2.4.11
> Ant: Apache Ant(TM) version 1.9.6 compiled on June 29 2015
> JVM: 9 (Oracle Corporation 9+181)
> OS: Windows 10 10.0 amd64
> Reporter: Benjamin Roedell
> Assignee: Daniel Sun
> Priority: Major
> Labels: security
> Fix For: 3.0.0-beta-1
>
> Time Spent: 3h 20m
> Remaining Estimate: 0h
>
> I'm running JDK-9 on Windows 10 with Gradle 4.2.
> My global gradle.properties file contains the following line:
> org.gradle.java.home=C:/Program Files/Java/jdk-9
> When I request the gradle version (gradle --version) I get the following
> warning:
> {code:none}
> WARNING: An illegal reflective access operation has occurred
> WARNING: Illegal reflective access by
> org.codehaus.groovy.reflection.CachedClass
> (file:/C:/Program%20Files/gradle-4.2/lib/groovy-all-2.4.11.jar) to method
> java.lang.Object.finalize()
> WARNING: Please consider reporting this to the maintainers of
> org.codehaus.groovy.reflection.CachedClass
> WARNING: Use --illegal-access=warn to enable warnings of further illegal
> reflective access operations
> WARNING: All illegal access operations will be denied in a future release
> {code}
> This warning displayed regardless of whether I'm using a regular command
> prompt or an elevated rights (Administrator) command prompt.
> Here's the full command and output:
> {code:none}
> gradle --version
> WARNING: An illegal reflective access operation has occurred
> WARNING: Illegal reflective access by
> org.codehaus.groovy.reflection.CachedClass
> (file:/C:/Program%20Files/gradle-4.2/lib/groovy-all-2.4.11.jar) to method
> java.lang.Object.finalize()
> WARNING: Please consider reporting this to the maintainers of
> org.codehaus.groovy.reflection.CachedClass
> WARNING: Use --illegal-access=warn to enable warnings of further illegal
> reflective access operations
> WARNING: All illegal access operations will be denied in a future release
> ------------------------------------------------------------
> Gradle 4.2
> ------------------------------------------------------------
> Build time: 2017-09-20 14:48:23 UTC
> Revision: 5ba503cc17748671c83ce35d7da1cffd6e24dfbd
> Groovy: 2.4.11
> Ant: Apache Ant(TM) version 1.9.6 compiled on June 29 2015
> JVM: 9 (Oracle Corporation 9+181)
> OS: Windows 10 10.0 amd64
> {code}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
