Open GoogleCodeExporter opened 9 years ago
Hmmmmm, why wouldn't setAccessible() work?
Original comment by crazybob...@gmail.com
on 15 Mar 2007 at 12:53
Assuming you have permissions (Kevin does).
Original comment by crazybob...@gmail.com
on 15 Mar 2007 at 2:34
other than a SecurityManager? nothing should... is there a specific message?
conceivably something viral like a class being loaded as a result of the call
might?
Im really reaching tho...
Original comment by dha...@gmail.com
on 15 Mar 2007 at 4:14
oops, said my last comment in email only.
Guice ended up trying to construct an instance of the class java.lang.Class.
It was
an accident, and no way is java gonna let you just setAccessible() on that
thing, and
let's be glad for that. :)
Anyway, apart from the java.lang.Class example, we ought to make sure that guice
always reports problems helpfully, no matter what the security manager.
Original comment by kevin...@gmail.com
on 15 Mar 2007 at 4:22
Original comment by limpbizkit
on 5 Jun 2008 at 6:17
Only Class.class and Constructor.class disallow setAccessible. These cases were
indirectly fixed when we
disallowed private no-arg constructors that weren't annotated with @Inject.
For the general SecurityManager case, this is probably not worth the effort. I
tried to write a test that uses a
SecurityManager, but it seems that almost anything we do has the potential of
throwing a SecurityException. For
example, looking up the annotations on a type indirectly requires the reflect
permission.
Original comment by limpbizkit
on 12 Jul 2008 at 5:18
Original issue reported on code.google.com by
kevin...@gmail.com
on 14 Mar 2007 at 3:48