Access Control to Reflection with Object Ownership
Reflection is a powerful programming language feature that enables language extensions, generic code, dynamic analyses, development tools, etc. However uncontrolled reflection breaks object encapsulation and considerably increases the attack surface of programs, eg. malicious libraries can use reflection to attack their client applications. To bring reflection and object encapsulation back together, we use dynamic object ownership to design an access control policy to reflective operations. This policy grants objects full reflective power over the objects they own but limited reflective power over other objects. Code is still able to use advanced reflective operations but reflection cannot be used as an attack vector anymore.