Open tzaeschke opened 2 years ago
Java 18 deprecates the SecurityManager. This has several implications. Obvious ones to check:
setAccessible()
References: https://openjdk.java.net/jeps/411 https://inside.java/2021/04/23/security-and-sandboxing-post-securitymanager/ https://issues.apache.org/jira/browse/DERBY-7138 https://stackoverflow.com/a/53935674/980270 (2nd comment: "There are few other ways to block reflection operations: 1) setAccessible() 2) RetentionPolicy annotated class gets a RuntimeInvisible\ RuntimeVisible class attribute or won't appear in the decompiled class 3) Use module concept in Java 9 and Reflection Permissions")
RetentionPolicy
module
Java 18 deprecates the SecurityManager. This has several implications. Obvious ones to check:
setAccessible()become cheap enough that we do not need to cache it?References: https://openjdk.java.net/jeps/411 https://inside.java/2021/04/23/security-and-sandboxing-post-securitymanager/ https://issues.apache.org/jira/browse/DERBY-7138 https://stackoverflow.com/a/53935674/980270 (2nd comment: "There are few other ways to block reflection operations: 1)
setAccessible()2)RetentionPolicyannotated class gets a RuntimeInvisible\ RuntimeVisible class attribute or won't appear in the decompiled class 3) Usemoduleconcept in Java 9 and Reflection Permissions")