(github.com)

16 points pfirmst | 1 comments | 19 Nov 24 23:51 UTC | HN request time: 0.199s | source

Show context

pfirmst ◴[19 Nov 24 23:51 UTC] No.42189343[source]▶

Looking for interested parties to assist maintaining a fork of OpenJDK with authorization. Note this isn't for sandboxing untrusted code but instead only allow loading trusted code and automate generation of principle of least privilege policy files for auditing with user Principal's and Code Signer's.

replies(2): >>42190229 #>>42190244 #

mdaniel ◴[20 Nov 24 02:12 UTC] No.42190229[source]▶

>>42189343 #

Two things:

Are you planning on getting the TCK so your JVM will be trustworthy to run in prod?

Are you going to backport these changes to all the concurrent releases, or do potential consumers have to "ride HEAD" to use your JVM? Based on the number of "we're still on Java 8" comments that always show up in any JVM submission, I'd guess one would want to be mindful of the versions their audience requires otherwise it's basically your own private fork

replies(2): >>42190698 #>>42190755 #

immibis ◴[20 Nov 24 04:11 UTC] No.42190755[source]▶

>>42190229 #

How much does TCK cost again?

replies(1): >>42196926 #

1. mdaniel ◴[20 Nov 24 18:46 UTC] No.42196926[source]▶

>>42190755 #

https://openjdk.org/groups/conformance/JckAccess/#:~:text=av...

↑

OpenJDK Authorization