Skip to Main content Skip to Navigation
Conference papers

Access Control to Reflection with Object Ownership

Camille Teruel 1 Stéphane Ducasse 1 Damien Cassou 1 Marcus Denker 1
1 RMOD - Analyses and Languages Constructs for Object-Oriented Application Evolution
Inria Lille - Nord Europe, CRIStAL - Centre de Recherche en Informatique, Signal et Automatique de Lille - UMR 9189
Abstract : Reflection is a powerful programming language feature that enables language extensions, generic code, dynamic analyses , development tools, etc. However, uncontrolled reflection breaks object encapsulation and considerably increases the attack surface of programs e.g., malicious libraries can use reflection to attack their client applications. To bring reflection and object encapsulation back together, we use dynamic object ownership to design an access control policy to reflective operations. This policy grants objects full reflective power over the objects they own but limited reflective power over other objects. Code is still able to use advanced reflective operations but reflection cannot be used as an attack vector anymore.
Document type :
Conference papers
Complete list of metadata

Cited literature [27 references]  Display  Hide  Download
Contributor : Lse Lse Connect in order to contact the contributor
Submitted on : Sunday, November 1, 2015 - 5:15:30 PM
Last modification on : Tuesday, November 30, 2021 - 2:30:03 PM
Long-term archiving on: : Thursday, April 27, 2017 - 6:21:09 AM


Files produced by the author(s)




Camille Teruel, Stéphane Ducasse, Damien Cassou, Marcus Denker. Access Control to Reflection with Object Ownership. Dynamic Languages Symposium, Oct 2015, USA, France. pp.168-176, ⟨10.1145/2816707.2816721⟩. ⟨hal-01217041⟩



Record views


Files downloads