ObjectIn/OutputStream bypass accessibility security
0 posts in topic
Flat View  Flat View
TOPIC ACTIONS:
 

Posted By:   The_Manny
Posted On:   Thursday, February 20, 2003 07:10 AM

When OIS and OOS go about their business, they manage to (among other things) write/read private and protected class members despite not having an authoritative relationship with the objects upon which they perform these tasks. I managed to track down the GNU source for OIS and the meat of the work (the class member assignment) is deligated to a set of native methods, one for each type (the source of which I couldn't find). My questions: 1) Is there a standardized way that the JVM facilitates these operations? 2) How does the JVM prevent similar usage from occuring by other code at varying points in an object's lifetime? 3) Is there a controlled-access interface to these same method   More>>

When OIS and OOS go about their business, they manage to (among other things) write/read private and protected class members despite not having an authoritative relationship with the objects upon which they perform these tasks. I managed to track down the GNU source for OIS and the meat of the work (the class member assignment) is deligated to a set of native methods, one for each type (the source of which I couldn't find).


My questions:


1) Is there a standardized way that the JVM facilitates these operations?


2) How does the JVM prevent similar usage from occuring by other code at varying points in an object's lifetime?


3) Is there a controlled-access interface to these same methods available to non-JVM geeks that want to have some fun or have serious work to perform?


Thanks.

   <<Less
About | Sitemap | Contact