On 10/03/2014 10:15 PM, Alan Bateman wrote:
On 03/10/2014 08:13, David M. Lloyd wrote:
:
Why the problem occurs
----------------------
The root of the problem traces back to
SecurityManager.checkMemberAccess(). This method is the one remaining
method in all of SecurityManager which uses the calling class context
(stack) in order to determine the nature of the access check that is
needed.
Are you sure you see this in JDK 8 too? I ask because I remember David
Holmes changed the Atomic*Updater methods to call getDeclaredField in a
privileged block (JDK-7103570). Also there work in JDK 8 on caller
sensitive methods (JEP 176). As part of this then SM.checkMemberAccess
was deprecated and usages in the JDK dropped (Class.getDeclaredField and
the others no longer use it).
Ah, I will double check. I admit my JDK 8 checkout is (still) very old,
and it appeared like the code was similar, and given the prior
discussion it did not occur to me to check out more recent code. But
I'll check with a newer JDK 8 - if I can target the workaround, all the
better.
Either way though I do feel that a JDK 7 backport is warranted,
especially considering that Java EE 7 is the state of the art for EE
right now.
--
- DML
