Re: Definition of IoC (was Re: [proposal] IoC type 3.14 extension to the Avalon Framework)

[Leo Simons <le...@apache.org>]

Ulrich Mayring wrote:
> Leo Simons wrote:
> 
>> class MyComponent implements Configurable
>> {
>>   public void configure( Configuration config )
>>   {
>>     new Thread( getNewWorker() ).start; // quite possible. Wrong, but
>>                                         // possible
>>     m_val = config.getChild("blah").value();
>>   }
>> }
> 
> We have invented an application framework on top of Avalon to prevent 
> things like that. Yes, we thought about contributing that to Avalon, but 
> it's pretty hard to come up with something sufficiently general.

most interesting! May I ask how? SecurityManager or something like that 
(hmm, would that work...)? Also, may I ask why? You run untrusted 
components?

- LSD



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@avalon.apache.org
For additional commands, e-mail: dev-help@avalon.apache.org

Re: Definition of IoC

[Leo Simons <le...@apache.org>]

Berin Loritsch wrote:
>> Ulrich Mayring wrote:
>>> Leo Simons wrote:
>>>
>>>> class MyComponent implements Configurable
>>>> {
>>>>   public void configure( Configuration config )
>>>>   {
>>>>     new Thread( getNewWorker() ).start; // quite possible. Wrong, but
>>>>                                         // possible
>>>>     m_val = config.getChild("blah").value();
>>>>   }
>>>> }
>>>
>>> We have invented an application framework on top of Avalon to prevent 
>>> things like that.
<snip/>
> 
> This is something I would welcome.

+1! (though it should be optional :D)

- LSD



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@avalon.apache.org
For additional commands, e-mail: dev-help@avalon.apache.org

Re: Definition of IoC (was Re: [proposal] IoC type 3.14 extension to the Avalon Framework)

[Berin Loritsch <bl...@apache.org>]

Leo Simons wrote:

> Ulrich Mayring wrote:
> 
>> Leo Simons wrote:
>>
>>> class MyComponent implements Configurable
>>> {
>>>   public void configure( Configuration config )
>>>   {
>>>     new Thread( getNewWorker() ).start; // quite possible. Wrong, but
>>>                                         // possible
>>>     m_val = config.getChild("blah").value();
>>>   }
>>> }
>>
>>
>> We have invented an application framework on top of Avalon to prevent 
>> things like that. Yes, we thought about contributing that to Avalon, 
>> but it's pretty hard to come up with something sufficiently general.
> 
> 
> most interesting! May I ask how? SecurityManager or something like that 
> (hmm, would that work...)? Also, may I ask why? You run untrusted 
> components?

Actually Leo, this is something I would welcome.  As we delve into the world
of distributed components, or remote repositories, we need to ensure that the
unknown components are not given access to too much.  IOW, we need to support
untrusted components--but we have been working in the much simpler world of
a trusted environment.


-- 

"They that give up essential liberty to obtain a little temporary safety
  deserve neither liberty nor safety."
                 - Benjamin Franklin


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@avalon.apache.org
For additional commands, e-mail: dev-help@avalon.apache.org