The other solution is to use a VarHandle instead of Unsafe for setting the
final field,
i don't think that letting unprivileged module to access to Unsafe is a good
idea.
cheers,
Rémi
----- Mail original -----
> De: "Alan Bateman" <alan.bate...@oracle.com>
> À: "Wang Weijun" <weijun.w...@oracle.com>
> Cc: "jigsaw-dev" <jigsaw-...@openjdk.java.net>, "OpenJDK"
> <security-dev@openjdk.java.net>
> Envoyé: Mardi 5 Juillet 2016 09:56:35
> Objet: Re: Questions on deprivileging a module
>
> On 05/07/2016 08:15, Wang Weijun wrote:
>
> > :
> > It's a runtime error.
> >
> > @CallerSensitive
> > public static Unsafe getUnsafe() {
> > Class<?> caller = Reflection.getCallerClass();
> > if (!VM.isSystemDomainLoader(caller.getClassLoader()))
> > throw new SecurityException("Unsafe"); <<<<<< The exception thrown
> > return theUnsafe;
> > }
> >
> > Just tried the one in jdk.unsupported, same error.
> >
> Okay, maybe this restriction in jdk.internal.misc.Unsafe needs to
> relaxed. For now then I assume you can read Unsafe.theUnsafe which is
> how user code typically gets it.
>
> -Alan.
>
