I was answering this question, where I recommended utilizing exports to
syntax to prevent external consumers from accessing code that is intended for internal use between modules.
But on further reflection, the only real safety checking that modules implement is that it matches the name. Consider this example where I am implementing two modules:
module a {
exports unsafe to b
}
module b {
requires a
}
The package unsafe
contains code that would be unsafe to have exposed. Is there any way to securely export this to internal modules without exposing them externally?
In the above example, a rogue entity could simply name their module b
and would gain access to the code (not secure). The JLS doesn't seem to spell out anything that can prevent it.
The hashing of modules as pointed by Alan shall work in your case. Though I personally like the description and the example from the JMOD
tool which directly answers your question :
With the
--hash-modules
option or thejmod
hash command, you can, in each module's descriptor, record hashes of the content of the modules that are allowed to depend upon it, thus "tying" together these modules.This lets you to allow a package to be exported to one or more specifically-named modules and to no others through qualified exports. The runtime verifies if the recorded hash of a module matches the one resolved at run time; if not, the runtime returns an error.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With