[DGD] nomask and static vs straight
Shentino
shentino at gmail.com
Thu Jan 29 16:00:09 CET 2009
On Thu, Jan 29, 2009 at 6:49 AM, Felix A. Croes <felix at dworkin.nl> wrote:
> Shentino <shentino at gmail.com> wrote:
>
> >[...]
> > What I'm curious about is who should bear the burden of access control.
> > With a nomask and a stack, my role inheritable guarantees that a simple
> > static function supplied by the inheritor will suffice, whereas if I just
> do
> > a straiht call, the inheritor has to bear the burden of allowing the
> > appropriate caller, and yet turn away from everyone else.
> >
> > Any reason I should do one over the other?
>
> It could be a matter of responsibility and security. The _F_hook setup
> may protect the consistency of data that cannot be accessed directly by
> the inheritor, or that could even be messed up by a maliciously-written
> inheritor.
>
> When the responsibility lies with the inheritor, let the inheritor do
> the checking.
>
Then I guess it would be do direct and let the inheritor worry about
security. None of my cases involve data, rather, the daemons are calling
_F_hook so that the hook() defined by the inheritor can enjoy the benefits
of static declaration.
> Regards,
> Felix Croes
> ___________________________________________
> https://mail.dworkin.nl/mailman/listinfo/dgd
>
More information about the DGD
mailing list