Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > linux.debian.maint.java > #12645

Bug#1037455: ITP: narcissus -- limited Java reflection library that bypasses security restrictions

Path csiph.com!1.us.feeder.erje.net!3.us.feeder.erje.net!3.eu.feeder.erje.net!feeder.erje.net!fu-berlin.de!bofh.it!news.nic.it!robomod
From Joseph Nahmias <joe@nahmias.net>
Newsgroups linux.debian.bugs.dist, linux.debian.devel, linux.debian.maint.java
Subject Bug#1037455: ITP: narcissus -- limited Java reflection library that bypasses security restrictions
Date Tue, 13 Jun 2023 07:00:02 +0200
Message-ID <GG4im-fy8I-3@gated-at.bofh.it> (permalink)
X-Original-To Debian Bug Tracking System <submit@bugs.debian.org>
X-Mailbox-Line From debian-bugs-dist-request@lists.debian.org Tue Jun 13 04:57:10 2023
Old-Return-Path <debbugs@buxtehude.debian.org>
X-Spam-Flag NO
X-Spam-Score -3.16
Reply-To Joseph Nahmias <joe@nahmias.net>, 1037455@bugs.debian.org
Resent-To debian-bugs-dist@lists.debian.org
Resent-Cc debian-devel@lists.debian.org, debian-java@lists.debian.org, tool.factory.heads@gmail.com, joe@nahmias.net, wnpp@debian.org
X-Debian-Pr-Message report 1037455
X-Debian-Pr-Package wnpp
Content-Type text/plain; charset="us-ascii"
MIME-Version 1.0
Content-Transfer-Encoding 7bit
X-Mailer reportbug 12.0.0
X-Debian-Message from BTS
X-Mailing-List <debian-bugs-dist@lists.debian.org> archive/latest/1774605
List-ID <debian-bugs-dist.lists.debian.org>
List-URL <https://lists.debian.org/debian-bugs-dist/>
Approved robomod@news.nic.it
Lines 25
Organization linux.* mail to news gateway
Sender robomod@news.nic.it
X-Original-Date Tue, 13 Jun 2023 00:54:19 -0400
X-Original-Message-ID <168663205915.3870341.152652530794163565.reportbug@pinky.nahmias.net>
Xref csiph.com linux.debian.bugs.dist:1149424 linux.debian.devel:108192 linux.debian.maint.java:12645

Cross-posted to 3 groups.

Show key headers only | View raw

Package: wnpp
Severity: wishlist
Owner: Joseph Nahmias <joe@nahmias.net>
X-Debbugs-Cc: debian-devel@lists.debian.org, debian-java@lists.debian.org, tool.factory.heads@gmail.com, joe@nahmias.net

* Package name    : narcissus
  Version         : 1.0.7
  Upstream Contact: ToolFactory <tool.factory.heads@gmail.com>
* URL             : https://github.com/toolfactory/narcissus
* License         : MIT
  Programming Lang: Java
  Description     : limited Java reflection library that bypasses security restrictions

Narcissus is a JNI native code library that provides a small subset of the Java
reflection API, while bypassing all of Java's access/visibility checks,
security manager restrictions, and module strong encapsulation enforcement, by
calling methods and accessing fields through the JNI API. This allows code that
relies on reflective access to non-public classes, fields, and methods to keep
working even now that strong encapsulation is being enforced in JDK 16+.

Narcissus works on JDK 7+, however it is most useful for suppressing reflective
access warnings in JDK 9-15, and for circumventing strong encapsulation for JDK
16+, in order to keep legacy software running (for example, when legacy
software depends upon setAccessible to access a needed private field of a class
in some library).

Back to linux.debian.maint.java | Previous | Next | Find similar

Thread

Bug#1037455: ITP: narcissus -- limited Java reflection library that bypasses security restrictions Joseph Nahmias <joe@nahmias.net> - 2023-06-13 07:00 +0200

csiph-web