From owner-java@jp.FreeBSD.org Wed Sep 11 11:50:04 2002
Received: (from daemon@localhost)
	by castle.jp.FreeBSD.org (8.11.6+3.4W/8.11.3) id g8B2o4971543;
	Wed, 11 Sep 2002 11:50:04 +0900 (JST)
	(envelope-from owner-java@jp.FreeBSD.org)
Received: from ongs.co.jp (ns.ongs.co.jp [202.216.232.58])
	by castle.jp.FreeBSD.org (8.11.6+3.4W/8.11.3) with SMTP/inet id g8B2o4371535
	for <java@jp.FreeBSD.org>; Wed, 11 Sep 2002 11:50:04 +0900 (JST)
	(envelope-from daichi@jp.freebsd.org)
Received: (qmail 42611 invoked from network); 11 Sep 2002 02:48:30 -0000
Received: from unknown (HELO parancell.ongs.co.jp) (202.216.232.62)
  by ns.ongs.co.jp with SMTP; 11 Sep 2002 02:48:30 -0000
From: daichi <daichi@jp.FreeBSD.org>
To: java@jp.FreeBSD.org
Message-Id: <20020911115134.70fca787.daichi@jp.freebsd.org>
In-Reply-To: <sqb8z29bnau.wl@nue.mac.com>
References: <20020909165608.3844b00e.daichi@jp.freebsd.org>
	<sqbznurnwn9.wl@nue.mac.com>
	<20020909222653.4eb24728.daichi@jp.freebsd.org>
	<20020910.140922.304093457.shudoh@localhost>
	<sqb8z29bnau.wl@nue.mac.com>
Organization: ONGS Inc.
X-Mailer: Sylpheed version 0.8.2 (GTK+ 1.2.10; i386-portbld-freebsd4.6)
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-2022-JP
Content-Transfer-Encoding: 7bit
Reply-To: java@jp.FreeBSD.org
Precedence: list
Date: Wed, 11 Sep 2002 11:51:34 +0900
X-Sequence: java 226
Subject: [java 226] Re: Java =?ISO-2022-JP?B?GyRCJEskKiQxJGtGfBsoQg==?=
 =?ISO-2022-JP?B?GyRCS1w4bEZ+Tk8kTkApOGYkSyREJCQkRhsoQg==?= 
Errors-To: owner-java@jp.FreeBSD.org
Sender: owner-java@jp.FreeBSD.org
X-Originator: daichi@jp.FreeBSD.org
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+020902

$BBgCO$G$9!#(B

> >   Setting the accessible flag in a reflected object permits
> >   sophisticated applications with sufficient privilege,
> >   such as Java Object Serialization or other persistence mechanisms,
> >   to manipulate objects in a manner that would normally be prohibited.
> > 
> > object serialization $B$N$?$a!"$J$s$8$c$J$$$G$7$g$&$+!#(B

$B$O$$!#$=$N$h$&$G$9!#(B

> jdk $B$N%=!<%9$NCf$r(B 'setAccessible(' $B$G%5!<%A$9$k$H(B
> serialization $B$OBg8}%f!<%6!<$N$R$H$D!JB>$O(B java.security$B!K(B
> $B$H$$$&$N$O$"$C$F$=$&$G$9$M!#(B
> 
> $B$H$3$m$G$7$P$i$/A0$K$_$D$1$?$N$K!"$3$s$J$N$,$"$C$F!'(B
> 
> --
> import sun.misc.Unsafe;
> public class PeekPoke { // this have to be loaded through bootclassloader
>   public static void main(String[] args) throws Exception {
>     Unsafe s = Unsafe.getUnsafe();
>     s.putLong(Long.parseLong(args[0]), Long.parseLong(args[1]));  //poke
>     s.getLong(Long.parseLong(args[0])); //peek
>   }
> }
> --
> 
> jdk 1.4 $B$K$J$C$F(B serialization - reflection $B$,$O$d$/$J$C(B
> $B$?$N$O<g$K!">e$r!"(Bsun.reflect.* $B$"$?$j$N%/%i%9$,;H$&$h(B
> $B$&$K(B($B$b$H$O(B JNI $B%Y!<%9(B)$B=q$-49$($7$?$+$i(B - $B$H>!<j$K;W$$(B
> $B9~$s$G$$$k$N$G$9$,(B $B$5$F!)(B :)

$B$&$#!#%=!<%9%3!<%IDI$C$F$_$^$7$?!#$3$J$+$5$s$NM=A[$G$I$s$T$7$c(B
$B$G$9(B :)

ObjectStreamClass, Class, Bits, Direct-X-Buffer$B$GMxMQ$,$_$i$l$k(B
$BB>!"(BAccessorGenerator, BootstrapConstructorAccessorImpl, 
ClassDefiner, FieldAccessorGenerator, FieldInfo, MagicAccessorImpl,
MethodAccessorGenerator, MethodInfo, ReflectionFactory, 
UnsafeBooleanFieldAccessorImpl, UnsafeByteFieldAccessorImpl,
UnsafeCharacterFieldAccessorImpl, UnsafeDoubleFieldAccessorImpl,
UnsafeFieldAccessorFactory, UnsafeFieldAccessorImpl, 
UnsafeFloatFieldAccessorImpl, UnsafeIntegerFieldAccessorImpl, 
UnsafeLongFieldAccessorImpl, UnsafeObjectFieldAccessorImpl, 
UnsafeShortFieldAccessorImpl, UnsafeStaticBooleanFieldAccessorImpl, 
UnsafeStaticByteFieldAccessorImpl, UnsafeStaticCharacterFieldAccessorImpl,
UnsafeStaticDoubleFieldAccessorImpl, UnsafeStaticFieldAccessorImpl,
UnsafeStaticFloatFieldAccessorImpl, UnsafeStaticIntegerFieldAccessorImpl,
UnsafeStaticLongFieldAccessorImpl, UnsafeStaticObjectFieldAccessorImpl,
UnsafeStaticObjectFieldAccessorImpl, UnsafeStaticShortFieldAccessorImpl
$B$G;H$o$l$F$^$9!#(B

Unsafe$B$NF3F~$GD>Ns2=$N9bB.2=$*$h$S(BGC$B$NBP>]$K$J$i$J$$%a%b%j(B
$BNN0h$G$"$k(BBuffer$B$N<B8=(B(allocateDirect)$B$,9T$o$l$F$$$k$h$&$G(B
$B$9!#(B

# JFC/Swing$B$GMxMQ$9$k$h$&$K$J$C$?%S%G%*%a%b%jD>%"%/%;%9$O(B
# $B$I$N%3!<%I$G<B8=$7$F$k$s$@$m(B?

--
Daichi GOTO
   http://www.ongs.net/daichi, daichi@jp.freebsd.org
