------art_69529_21972978.1150888752442
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline

On 6/21/06, Juergen Strobel <strobel / secure.at> wrote:
>
> <snip>




In no language private/protected (or final) is a fool proof security


I doubt this strongly, Ada springs into mind.

measure. It is there to provide some safety nets against errors, and
> to help design, not for security. It is quite easy in C++ to get at
> any function in memory via pointers. In Java people can use AOP to
> accomplish this.


In theory I hate it, in practice it is frequently sufficent.
Ruby is not doing that bad either, in practice I will often not care if
somebody redefines the access rights of my methods, I feel that this is a
theoretical discussion, though, right ?

Your most economical bet is to just document the class (or whatever)
> to be "private, not to be used directly" in Ruby. Sometimes the
> low-tech effort is simply the best, especially if any high-tech effort
> is going to put *you* to much more troubles than the attacker, who will
> circumvent it fast any way.


I appreciate your defence of ruby ;) but the ability  to completely hide
implementation from the interface user is a feature not a bug.

It does not seem a good idea to me to allow everything with the perfect
excuse of following the "enabeling approach", because it does not allow me
to implement some of the more basic principles of modern Software Design
(Data Hiding for instance).

All this is on a philosophical base, in practice Ruby gives me what *I* need
However, *I* is not the world, as has been pointed out to me frequently and
recently, quite a rude message BTW ;)

Cheers
Robert

Jgen
>
> --
> The box said it requires Windows 95 or better so I installed Linux
>
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.3 (GNU/Linux)
>
> iQEVAwUBRJkUEvy64gyiEfXtAQJVyggAzUIlE6uw8LQ7FwWRH2wKucx3qcdi0I5P
> KjEJK4a+i01w6ZxUFanxPvCIdlFmwIqz4OLEyV7pRYeKkTOxsaBhc8eS0BWtgNhG
> tlrbkG0eXroEYvJnfNGkHAk4UEP11CA/gy6cSzioHRxHtQo8Gt5ktf+uThhHn7+Z
> ybSJoMNRltsK/UXc4nxQgw9g8YkNVWooo6QWYf+oqyuNenpE8NoHz5u52CrUUzx0
> AoKjR9EVjZeucV5HgmF2Mgfe039A68esCSZ4Xi/3DU1rTfqlIKOaxhDrreBvgoZv
> ETANSNrWAX1TBe1Q/jua11nA/3tS2E/8O6oho7NJIeiAiThb20+aOQ==
> =G/Vr
> -----END PGP SIGNATURE-----
>
>
>


-- 
Deux choses sont infinies : l'univers et la bóŐise humaine ; en ce qui
concerne l'univers, je n'en ai pas acquis la certitude absolue.

- Albert Einstein

------art_69529_21972978.1150888752442--