Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > linux.debian.maint.java > #12645

Bug#1037455: ITP: narcissus -- limited Java reflection library that bypasses security restrictions

Cross-posted to 3 groups.

Show all headers | View raw

Package: wnpp
Severity: wishlist
Owner: Joseph Nahmias <joe@nahmias.net>
X-Debbugs-Cc: debian-devel@lists.debian.org, debian-java@lists.debian.org, tool.factory.heads@gmail.com, joe@nahmias.net

* Package name    : narcissus
  Version         : 1.0.7
  Upstream Contact: ToolFactory <tool.factory.heads@gmail.com>
* URL             : https://github.com/toolfactory/narcissus
* License         : MIT
  Programming Lang: Java
  Description     : limited Java reflection library that bypasses security restrictions

Narcissus is a JNI native code library that provides a small subset of the Java
reflection API, while bypassing all of Java's access/visibility checks,
security manager restrictions, and module strong encapsulation enforcement, by
calling methods and accessing fields through the JNI API. This allows code that
relies on reflective access to non-public classes, fields, and methods to keep
working even now that strong encapsulation is being enforced in JDK 16+.

Narcissus works on JDK 7+, however it is most useful for suppressing reflective
access warnings in JDK 9-15, and for circumventing strong encapsulation for JDK
16+, in order to keep legacy software running (for example, when legacy
software depends upon setAccessible to access a needed private field of a class
in some library).

Back to linux.debian.maint.java | Previous | Next | Find similar

Thread

Bug#1037455: ITP: narcissus -- limited Java reflection library that bypasses security restrictions Joseph Nahmias <joe@nahmias.net> - 2023-06-13 07:00 +0200

csiph-web