[DGD]Limiting access to functions

Ludger Merkens balduin at uni-paderborn.de
Thu Feb 1 10:36:04 CET 2001


On Thu, 1 Feb 2001 birgit.schulte at philips.com wrote:

> You can get the object which does the functioncall with previous_program 
> (returns the name of the calling object), and this works also for inherited objects.
> Question now is, if you really need to determine from which function in this object the call was
> made, or if it's sufficient to know which object did the call.
> 
Well I assume the Idea is to generate trusted classes. This means you
develop a security class. E.g. containing something like an object ID,
some rights of the object etc. For a user the username and password are
good examples of such a type of data. If you can make sure the call is
from a function of such a class, even if not directly but after
inheritance, you still have something you can trust, but gain the
flexibility to create derivated classes. As an example think about an ACL
Implementation, where different objects and different code is needed for
different mimetypes. Your html class might be a subclass of document, but
need some special code for parsing etc. But still you need to make sure
the function that provides the ACL Data is a trusty one.

> Regards

Ludger

of course, I don't know if thats the stuff Neil has in mind when asking.


List config page:  http://list.imaginary.com/mailman/listinfo/dgd



More information about the DGD mailing list