cocoon-dev mailing list archives

From Peter Donald <dona...@apache.org>
Subject Re: [C2] Checking vars before assignment
Date Wed, 11 Apr 2001 22:52:55 GMT
At 03:50  11/4/01 +0200, Giacomo Pati wrote:
>Quoting Peter Donald <donaldp@apache.org>:
>
>> Hi,
>> 
>> I noticed a few things when playing a bit. In quite a few places there is
>> the pattern
>> 
>> public void blahize( Blah blah ) {
>> 
>>   if( this.blah == null ) {
>>     this.blah = blah;
>>   }
>> }
>> 
>> Where blah is context/configuration/componentmanager/other. I am curious -
>> is this needed? It seems to me that if the method is called twice (which
>> this method protects against) it is a fault of container and the component
>> should not be defending against that. Where did this pattern arise and is
>> it still needed?
>
>What do you think about this:
>Suppose I have a component written as a Composer
>   
>  SecurityManager secman =       
>      (SecurityManager)manager.lookup("role.for.security.manager");
>
>  Configuration myconf = createMyOwnEvilConfig();
>  ((Configurable)secman).configure(myconf);  
>
>Well, the real pattern to use should be:
>
>  DON'T EVER LET YOUR WORKING INTERFACE EXTEND *ANY* LIFECYCLE INTERFACES
>  THAT IS NOT IN THE CONCERN OF THE COMPONENT CLIENTS

true.

>Maybe I've missed a discussion about how to specify working interfaces but
>component writers may not be aware of that fact. And because you cannot prevent
>this the easiest way to get more security is to prevent your component being
>configured/initialized/... more than once.

Yup but this sort of thing is easy enough to get around if your client code
has malicious intent in numerous other ways. We discussed this on Avalon
and the only real way to do it is create proxies for work interfaces
through which components act but unfortunately the code to do that is
broken on some platforms ;(

Cheers,

Pete

*-----------------------------------------------------*
| "Faced with the choice between changing one's mind, |
| and proving that there is no need to do so - almost |
| everyone gets busy on the proof."                   |
|              - John Kenneth Galbraith               |
*-----------------------------------------------------*
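
The two defences discussed in this thread, shown side by side as an added example (not code from the thread or from the Avalon/Cocoon code base): a configure-once guard, and a proxy that exposes only the work interface so a client cannot cast its reference to a lifecycle interface. `Configurable`, `Authenticator`, `AuthenticatorImpl` and `workView` are hypothetical stand-ins, the use of `java.lang.reflect.Proxy` is an assumption about how such a proxy could be built, and the guard here throws on a repeat call where the pattern quoted above silently ignores it.

```java
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Proxy;

public class WorkInterfaceProxyDemo {
    // Hypothetical stand-ins, not the Avalon interfaces themselves.
    interface Configurable { void configure(String conf); }   // lifecycle: container only
    interface Authenticator { boolean allowed(String user); } // work interface: clients

    static class AuthenticatorImpl implements Authenticator, Configurable {
        private String admin;

        // Configure-once guard: only the first call takes effect, a repeat call is rejected.
        public void configure(String conf) {
            if (this.admin != null) {
                throw new IllegalStateException("already configured");
            }
            this.admin = conf;
        }

        public boolean allowed(String user) { return user.equals(admin); }
    }

    // Returns a proxy implementing only the work interface, so a cast to Configurable fails.
    static Authenticator workView(Authenticator target) {
        return (Authenticator) Proxy.newProxyInstance(
            Authenticator.class.getClassLoader(),
            new Class<?>[] { Authenticator.class },
            (proxy, method, args) -> {
                try {
                    return method.invoke(target, args);
                } catch (InvocationTargetException e) {
                    throw e.getCause(); // surface the component's own exception
                }
            });
    }

    public static void main(String[] args) {
        AuthenticatorImpl impl = new AuthenticatorImpl();
        impl.configure("root");                 // the container configures once
        Authenticator client = workView(impl);  // what a lookup would hand to clients

        System.out.println("allowed(root): " + client.allowed("root"));
        System.out.println("proxy is Configurable: " + (client instanceof Configurable));
        try {
            ((Configurable) impl).configure("evil"); // raw reference: the guard is the only defence
        } catch (IllegalStateException e) {
            System.out.println("second configure rejected: " + e.getMessage());
        }
    }
}
```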

