Re: Security Changes in JDK 1.2b4

schemers@Eng
Thu, 23 Jul 1998 13:38:00 -0700 (PDT)

Date: Thu, 23 Jul 1998 13:38:00 -0700 (PDT)
From: schemers@Eng
To: Chris Bergstresser <chris@subtlety.com>
Subject: Re: Security Changes in JDK 1.2b4
In-Reply-To: <19980723201823546.AAA214@pynchon>

Chris Bergstresser writes:
> I'm writing about the new syntax for privileged blocks of code. While I
> understand the reasons for removing the beginPriviliged/endPriviliged
> syntax, the new syntax is not only ugly but confusing. The old syntax was
> slightly bad; the new is downright horrible. It's an axiom that the less
> simple something is to understand, the more likely it is to hide security
> flaws. There simply *must* be new keywords added to the language to
> support the new security functionality.

I think we all agree with you that the new syntax is less then
wonderful. It is/was much too late in the JDK 1.2 product cycle to
consider adding new keywords, otherwise we probably would have.
We will be working with the VM/JLS folks to come up with a cleaner
solution in the next big release after JDK 1.2.

thanks, roland