[DGD] Static functions, static AUTO functions, access
Felix A. Croes
felix at dworkin.nl
Wed Nov 19 16:02:34 CET 2003
Noah Gibbs <noah_gibbs at yahoo.com> wrote:
> I think I may have answered my own question. It
> appears that the extra AUTO object is simply
> #included, not actually inherited. In that case, the
> object that receives it would still be able to use the
> regular ::read_file() syntax with the usual results.
> Seems like I need to rethink my scripting strategy.
>
> And here I thought I was being all clever.
It's not included, it's inherited from an include file. What would be
the point of a second-tier auto object that is merely included? :)
As long as you mask every function you want to protect, you're fine.
There is one thing to be careful about, however. Theoretically, an
object could explicitly inherit the auto object:
inherit auto "/kernel/lib/auto";
string unprotected_read_file(string file, varargs int offset, int size)
{
return auto::read_file(file, offset, size);
}
The kernel library prevents this by letting only System objects inherit
explicitly from /kernel/lib. But once you have more than one second-tier
auto object, you have to make sure that an object intended to inherit one
cannot explicitly inherit the other, and get a mix of security models
that way.
Regards,
Dworkin
_________________________________________________________________
List config page: http://list.imaginary.com/mailman/listinfo/dgd
More information about the DGD
mailing list