是什么阻止某人通过伪装成他们不是的模块来破坏合格的出口?
What prevents someone from subverting qualified exports by pretending to be a module they are not?
鉴于:
module A
{
exports fuzzy.bunny to B;
}
是什么阻止恶意玩家伪装成模块 B 以获取模块 A 的秘密?
我知道 Java 在 META-INF 中有某种签名机制,允许每个模块确保自己的 class 文件没有被修改,但是什么机制可以确保一个模块可以信任另一个模块的 class 个文件吗?
可能不完全是您正在寻找的答案,但 JMOD file creation using jmod tool 的一部分对其进行了简要解释:
--hash-modules
With the --hash-modules option or the jmod hash command, you can, in
each module's descriptor, record hashes of the content of the modules
that are allowed to depend upon it, thus "tying" together these
modules. This let’s you to allow a package to be exported to one or
more specifically-named modules and to no others through qualified
exports. The runtime verifies if the recorded hash of a module matches
the one resolved at run time; if not, the runtime returns an error.
来自同一文档的更多信息
These hashes are recorded in the JMOD archive file being created, or a
JMOD archive or modular JAR on the module path specified by the jmod hash command.
有用:上面分享的 link 中也有一个散列示例,它描述了一个用例你的问题很相关。
鉴于:
module A
{
exports fuzzy.bunny to B;
}
是什么阻止恶意玩家伪装成模块 B 以获取模块 A 的秘密?
我知道 Java 在 META-INF 中有某种签名机制,允许每个模块确保自己的 class 文件没有被修改,但是什么机制可以确保一个模块可以信任另一个模块的 class 个文件吗?
可能不完全是您正在寻找的答案,但 JMOD file creation using jmod tool 的一部分对其进行了简要解释:
--hash-modules
With the
--hash-modulesoption or thejmod hashcommand, you can, in each module's descriptor, record hashes of the content of the modules that are allowed to depend upon it, thus "tying" together these modules. This let’s you to allow a package to be exported to one or more specifically-named modules and to no others through qualified exports. The runtime verifies if the recorded hash of a module matches the one resolved at run time; if not, the runtime returns an error.
来自同一文档的更多信息
These hashes are recorded in the JMOD archive file being created, or a JMOD archive or modular JAR on the module path specified by the
jmod hashcommand.
有用:上面分享的 link 中也有一个散列示例,它描述了一个用例你的问题很相关。