> On 23 Jun 2023, at 08:16, Peter Firmstone <peter.firmst...@zeus.net.au> wrote: > > > When someone comes up with a simpler design, I'm all up for the effectiveness > challenge, I'm pretty sure that whatever it is, we'll blow it away both on > performance and effectiveness, we've had years to perfect it, but I would > also happily be proven wrong and challenge OpenJDK to implement something > that does.
The simpler design I was referring to is performing the low-level access checks in the OS (sometimes in cooperation with the hardware), not the JDK, and, more importantly, having a policy that treats the entire application as a black box with no regard to its composition and can even be shared among different applications, even those written in different languages. The first part is the same design chosen by all languages/platforms that allow the use of native code, and the second part is the same design chosen by pretty much every platform/language, certainly mainstream ones. — Ron
