Stop the Use of Unsafe Internal Java API Calls or JDK will Not Run

Developers for so long have been using the Java Internal APIs for it is easily available. Much roots from the way JDK has been developed. It allows the developers to get hold of various APIs that are not meant for external use through a simple import.

Share on facebook
Share on twitter
Share on linkedin
Share on pinterest

The Challenge

These Java API in no way could detach from developers unless the access to the JDK maintainers was also severe. However, time and again Java asks the developers to stop the internal Java API calls but to no use. Now, Mark Reinhold, chief architect of the Java Platform Group at Oracle states that Java is now capable of restricting the access to classes such as GC, Unsafe and BASE64Encoder.

During the Oracle Code One Conference, Reinhold states that “The JDK [Java Development Kit] has many internal APIs that were never meant to be used by external tools.” He went on to say that, “For decades, we’ve been warning developers against using them. They’ve done so anyway.”

Security Issues

Further, Reinhold believes that the restriction should be done from the platform security point of view. “Of the six high-impact zero-day vulnerabilities reports since JDK 7 in 2011, three of them would have been prevented. This could be only possible if we were able to encapsulate Java’s internal APIs,” Reinhold said. It becomes important for Java developers to ensure that they are considering the most common vulnerabilities while writing Java applications.

A few days back, the platform authorities stated that since Java codes have the cross-platform nature, it implies that OS-level security frameworks would not always be sufficient for ensuring the safety of the applications. Some of the common security issues are SQL injections, Java LDAP Injections, cross-site scripting injections and so on.

So security is one of the many factors which encourage Reinhold to appeal to the programmers and writers. However, security is not the only reason and Reinhold states “Starting with JDK 9, if your code uses Java APIs, it will not compile, and it may generate warnings at runtime. In the future, it will not run.”

Share on facebook
Share on twitter
Share on linkedin
Share on pinterest
Share on whatsapp
Share on email
Author Bio

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Recommended for you
Connect With Us
Stay Connected

Subscribe to our newsletter today to receive updates on latest tech news, tutorials SEO tips many more.

Latest Articles
18518157_223940698108354_7866972342651071979_o
Apps

5 Best Apps for self-development

We live in a world of high dynamicity, progress, and constant change. But in most times it has been observed that we are not that welcoming when it comes to changing ourselves or changing anything around us. We try to repel change as long as possible.

Free hub for guest blogging nerds and newbie writers

  • Submit Guest Post
  • Share your Knowledge
  • Build your Backlinks
  • Advertise your products
  • Make money by writing
Subscribe to our newsletter today to receive updates on latest tech news, tutorials SEO tips many more.