Integrity by Default - Inside Java Newscast #73
Nicolai Parlog on July 18, 2024Integrity is a cornerstone of the Java Platform as it enables/bolsters reliability, maintainability, security, and performance. But there are operations that undermine it: deep reflection with setAccessible
, Unsafe
, native code, and agents allow code to break many of Java’s promises.
Now, OpenJDK wants to lock them down by default, requiring command-line options like --enable-native-access
to enable them, thus ensuring the platform has integrity by default while application operators can still make the choice to trade that away if the benefits are worth it.
Make sure to check the show-notes.