You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@avalon.apache.org by Berin Loritsch <bl...@apache.org> on 2001/12/03 14:48:41 UTC

Re: [VOTE] ComponentUtil

Peter Donald wrote:

> On Sat, 1 Dec 2001 05:31, Berin Loritsch wrote:
> 
> Well I think it is kinda nice but I can't see it being used widely enough to 
> be included in framework. Maybe it would be best to include it in excalibur 
> somewhere (maybe excalibur.util ?)


NO!  It needs to be in Framework to be effective.  A framework becomes more
effective when it provides tools to enforce the contracts that are declared by
the framework.  Honestly, just because _you_ wouldn't use it does not mean
that others would not.


> Put bluntly it is highly unlikely I would ever use it or recomend using it. 
> The main reason it assumes that the environment in whihc you are working has 
> 
> a) a dodgy container


This is likely to occur when developers create Components that act as containers
for other components.  You MUST test for this!



> b) evil clients who can get direct reference to component


You can never rule this out.  It is like saying we should get rid of file permissions
just because noone is *supposed* to be able to gain access to it in a
non-prescribed manner.  Just as UNIX as a platform is hostile to viruses,
Avalon needs to be Hostile to malcontent environments.  Ignoring a potential
hole because _you_ are not concerned with it is stupidity.  It will inevitable
come and bite you in the hind quarters sooner or later.  Period.


> Even if you manage to shore up all the holes the component can still be 
> fubared by another evil component going
> 
> synchronized( myComponent )
> {
>   while( 1 ) System.sleep(100000000);
> }


Look who's been writing C++ lately!  (while only responds to boolean values,
this won't compile) ;p

Seriously, you need to close up the holes you can.  Stuff that is beyond your
control, you have to prepare for, BUT don't leave open invitations and an unlocked
door just because someone can fit down your chimney.


> If (b) is the case you are protecting against then your container should 
> never hand out direct references but instead hand out references wrapped in 
> proxies (maybe by 1.4s dynamic proxy api.
> 
> Is there another use I am missing?


ENFORCING CONTRACTS!  Good engineering ALWAYS *explicitly* enforces their contracts.


> 
> 



-- 

"They that give up essential liberty to obtain a little temporary safety
  deserve neither liberty nor safety."
                 - Benjamin Franklin


--
To unsubscribe, e-mail:   <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>