[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
question about serialization
From: |
Tom Tromey |
Subject: |
question about serialization |
Date: |
31 Jul 2003 11:16:46 -0600 |
I recently added some security checking code to libgcj. In particular
we now do access checking for reflection: Method calls and Field reads
and writes.
This breaks serialization quite dramatically. Now uses of
serialization cause crashes, as we get into infinite recursion
catching and writing out IOExceptions.
Beyond the bugs in serialization that that must imply, I'm wondering
how the serialization code is supposed to deal with access checking.
I think we should be calling setAccessible(true) on all Field and
Method objects. But should we be doing that as a privileged action?
Mark, I was really hoping you already knew about all this stuff.
Otherwise research is required.
See these gcj PRs for reference:
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=11728
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=11737
The first one has a HashMap serialization fix. It looks correct to
me, but I wanted to test it first. But that can't be done until the
other problems are resolved...
Tom
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- question about serialization,
Tom Tromey <=