Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > C++ > class-based access control VS instance-based access control

Reply
Thread Tools

class-based access control VS instance-based access control

 
 
xz
Guest
Posts: n/a
 
      01-07-2008
Why C++ (as well as Java) adopts class-based access control instead of
instance-based access control?

I had never paid attention to whether an access-control is class-based
or instance-based but only intuitively thought that the latter was the
one being used.

Since it does not seem to make sense to let an instance "a1" of Class
"A" to have access to the private data of instance "a2" of the same
Class A, does it?
 
Reply With Quote
 
 
 
 
Victor Bazarov
Guest
Posts: n/a
 
      01-07-2008
xz wrote:
> Why C++ (as well as Java) adopts class-based access control instead of
> instance-based access control?


Mostly because of the different purpose of those. Class-based has the
purpose to prevent coding mistakes, whereas instance-based looks like
a security measure. C++ wasn't designed with security in mind.

> I had never paid attention to whether an access-control is class-based
> or instance-based but only intuitively thought that the latter was the
> one being used.
>
> Since it does not seem to make sense to let an instance "a1" of Class
> "A" to have access to the private data of instance "a2" of the same
> Class A, does it?


That's an incomplete statement. Since it doesn't, then what? What
conclusion do you expect to derive from "since it doesn't make sense"?
And think of the fact that it doesn't make sense to you, but obviously
makes a lot of sense to millions of other C++ programmers who never
complain about that feature. What does it say?

V
--
Please remove capital 'A's when replying by e-mail
I do not respond to top-posted replies, please don't ask


 
Reply With Quote
 
 
 
 
xz
Guest
Posts: n/a
 
      01-07-2008
On Jan 7, 2:29 pm, "Victor Bazarov" <(E-Mail Removed)> wrote:
> xz wrote:
> > Why C++ (as well as Java) adopts class-based access control instead of
> > instance-based access control?

>

Thanks for you reply.

> Mostly because of the different purpose of those. Class-based has the
> purpose to prevent coding mistakes, whereas instance-based looks like
> a security measure. C++ wasn't designed with security in mind.
>


I thought the access control was designed in the purpose for
security......
And it is obviously a danger to let "a1" (of class A) to have access
to the private data of "a2".
If you wanna control the privileges of accesses from the outside
world, it's straightforward that any access from outside should be
controlled, whether it is from an instance of different class or the
same class.
Well, but you said class-based is not for security......

> > I had never paid attention to whether an access-control is class-based
> > or instance-based but only intuitively thought that the latter was the
> > one being used.

>
> > Since it does not seem to make sense to let an instance "a1" of Class
> > "A" to have access to the private data of instance "a2" of the same
> > Class A, does it?

>
> That's an incomplete statement. Since it doesn't, then what? What
> conclusion do you expect to derive from "since it doesn't make sense"?
> And think of the fact that it doesn't make sense to you, but obviously
> makes a lot of sense to millions of other C++ programmers who never
> complain about that feature. What does it say?
>
> V
> --
> Please remove capital 'A's when replying by e-mail
> I do not respond to top-posted replies, please don't ask


 
Reply With Quote
 
xz
Guest
Posts: n/a
 
      01-07-2008
On Jan 7, 2:29 pm, "Victor Bazarov" <(E-Mail Removed)> wrote:
> xz wrote:
> > Why C++ (as well as Java) adopts class-based access control instead of
> > instance-based access control?

>
> Mostly because of the different purpose of those. Class-based has the
> purpose to prevent coding mistakes, whereas instance-based looks like
> a security measure. C++ wasn't designed with security in mind.

Then how about Java?

>
> > I had never paid attention to whether an access-control is class-based
> > or instance-based but only intuitively thought that the latter was the
> > one being used.

>
> > Since it does not seem to make sense to let an instance "a1" of Class
> > "A" to have access to the private data of instance "a2" of the same
> > Class A, does it?

>
> That's an incomplete statement. Since it doesn't, then what? What
> conclusion do you expect to derive from "since it doesn't make sense"?
> And think of the fact that it doesn't make sense to you, but obviously
> makes a lot of sense to millions of other C++ programmers who never
> complain about that feature. What does it say?
>
> V
> --
> Please remove capital 'A's when replying by e-mail
> I do not respond to top-posted replies, please don't ask


 
Reply With Quote
 
Victor Bazarov
Guest
Posts: n/a
 
      01-07-2008
xz wrote:
> On Jan 7, 2:29 pm, "Victor Bazarov" <(E-Mail Removed)> wrote:
>> xz wrote:
>>> Why C++ (as well as Java) adopts class-based access control instead
>>> of instance-based access control?

>>
>> Mostly because of the different purpose of those. Class-based has
>> the purpose to prevent coding mistakes, whereas instance-based looks
>> like a security measure. C++ wasn't designed with security in mind.

> Then how about Java?


No, thanks.

V
--
Please remove capital 'A's when replying by e-mail
I do not respond to top-posted replies, please don't ask


 
Reply With Quote
 
xz
Guest
Posts: n/a
 
      01-07-2008
On Jan 7, 3:10 pm, "Victor Bazarov" <(E-Mail Removed)> wrote:
> xz wrote:
> > On Jan 7, 2:29 pm, "Victor Bazarov" <(E-Mail Removed)> wrote:
> >> xz wrote:
> >>> Why C++ (as well as Java) adopts class-based access control instead
> >>> of instance-based access control?

>
> >> Mostly because of the different purpose of those. Class-based has
> >> the purpose to prevent coding mistakes, whereas instance-based looks
> >> like a security measure. C++ wasn't designed with security in mind.

> > Then how about Java?

>


> No, thanks.

So you are a fan of tea?

OK, let's ask it seriously.
I think Java (the programming language provided by Sun, which is a
company instead of the shining sun in the sky) was designed "with
security in mind", then why Java's access control is also class-based
instead of instance-based?

>
> V
> --
> Please remove capital 'A's when replying by e-mail
> I do not respond to top-posted replies, please don't ask


 
Reply With Quote
 
Victor Bazarov
Guest
Posts: n/a
 
      01-07-2008
xz wrote:
> On Jan 7, 3:10 pm, "Victor Bazarov" <(E-Mail Removed)> wrote:
>> xz wrote:
>>> On Jan 7, 2:29 pm, "Victor Bazarov" <(E-Mail Removed)> wrote:
>>>> xz wrote:
>>>>> Why C++ (as well as Java) adopts class-based access control
>>>>> instead of instance-based access control?

>>
>>>> Mostly because of the different purpose of those. Class-based has
>>>> the purpose to prevent coding mistakes, whereas instance-based
>>>> looks like a security measure. C++ wasn't designed with security
>>>> in mind. Then how about Java?

>>

>
>> No, thanks.

> So you are a fan of tea?
>
> OK, let's ask it seriously.
> I think Java (the programming language provided by Sun, which is a
> company instead of the shining sun in the sky) was designed "with
> security in mind", then why Java's access control is also class-based
> instead of instance-based?


Why are you asking about Java in a C++ newsgroup? The only answer
to your question here is "who cares?"

V
--
Please remove capital 'A's when replying by e-mail
I do not respond to top-posted replies, please don't ask


 
Reply With Quote
 
Grizlyk
Guest
Posts: n/a
 
      01-08-2008
xz wrote:
>
> And it is obviously a danger to let "a1" (of class A)
> to have access to the private data of "a2".


Try to write a copy ctor and assignment operator for your class A.

Probably, access to the private data of object of the same class can
be disabled by default, and a kind of static_cast<> will exist to
explicitly change type of reference to enabled.

But what the errors and where have you met already with the access is
enabled by default?

Maksim A. Polyanin
old page about some C++ improvements:
http://grizlyk1.narod.ru/cpp_new
 
Reply With Quote
 
Salt_Peter
Guest
Posts: n/a
 
      01-08-2008
On Jan 7, 3:54 pm, xz <(E-Mail Removed)> wrote:
> On Jan 7, 2:29 pm, "Victor Bazarov" <(E-Mail Removed)> wrote:> xz wrote:
> > > Why C++ (as well as Java) adopts class-based access control instead of
> > > instance-based access control?

>
> Thanks for you reply.
>
> > Mostly because of the different purpose of those. Class-based has the
> > purpose to prevent coding mistakes, whereas instance-based looks like
> > a security measure. C++ wasn't designed with security in mind.

>
> I thought the access control was designed in the purpose for
> security......
> And it is obviously a danger to let "a1" (of class A) to have access
> to the private data of "a2".
> If you wanna control the privileges of accesses from the outside
> world, it's straightforward that any access from outside should be
> controlled, whether it is from an instance of different class or the
> same class.
> Well, but you said class-based is not for security......
>
> > > I had never paid attention to whether an access-control is class-based
> > > or instance-based but only intuitively thought that the latter was the
> > > one being used.

>
> > > Since it does not seem to make sense to let an instance "a1" of Class
> > > "A" to have access to the private data of instance "a2" of the same
> > > Class A, does it?

>


You have a serious misconception about access control and instances. A
class is a blueprint. Its a specification of what an instance will
look like and the interface an instance will have if and only if you
actually make one. You can't apply encapsulation to an instance
without first designing the model.

Our world works the same way. You buy a home that has a private
bathroom, your neighbour has the identical house. Does your neighbour
have access to your private bathroom because he has access to his? If
he flushes the toilet, does yours go too? Would making the bathroom
public change that? If you push the accelerator in your car, do all
the other cars on the road accelerate as well? Give all your
neighbours the key to your car and try pushing the accelerator again,
do the neighbour's cars accelerate too (are they even running)?

You and your neighbour share the same water reservoir/treatment plant.
If it breaks down, both you and your neighbour lose your water source
(the water plant is static, unique in your area - a translation unit).
It too is an instance of a water plant, although unique in your
sector. If you manage to bypass security and decide to bathe in that
water, does that mean that your body is simultaneously bathing in
every water plant this world has? Hmm?

Meanwhile: an instance is just an instance. An apple is just another
apple. You are just another person. The only thing these pairs of
entities have in common is their type.

If you do something silly and you end up in prison, thats not
encapsulation either, its Storage (you were placed in a secured
container). Its really a very simple concept. Just look around you.
 
Reply With Quote
 
James Kanze
Guest
Posts: n/a
 
      01-08-2008
On Jan 7, 8:58 pm, xz <(E-Mail Removed)> wrote:
> Why C++ (as well as Java) adopts class-based access control instead of
> instance-based access control?


Because you couldn't implement copy construction otherwise. If
a language supports value semantics for user defined types, it
pretty much has to use class based access control.

> I had never paid attention to whether an access-control is
> class-based or instance-based but only intuitively thought
> that the latter was the one being used.


> Since it does not seem to make sense to let an instance "a1"
> of Class "A" to have access to the private data of instance
> "a2" of the same Class A, does it?


And how do you implement a copy constructor otherwise?

--
James Kanze (GABI Software) email:(E-Mail Removed)
Conseils en informatique orientée objet/
Beratung in objektorientierter Datenverarbeitung
9 place Sémard, 78210 St.-Cyr-l'École, France, +33 (0)1 30 23 00 34
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Very annoying error: Access to the path is denied. ASP.NET is not authorized to access the requested resource. Consider granting access rights to the resource to the ASP.NET request identity Jay ASP .Net 2 08-20-2007 07:38 PM
403 Forbidden: You were denied access because: Access denied by access control list Southern Kiwi NZ Computing 6 03-19-2006 05:19 AM
e-mail access denied by access control list Ram Ananthraman Computer Support 4 03-17-2005 09:22 PM
How do I let people access the internet via an access point but not allow them access to my network yar Wireless Networking 4 09-21-2004 03:48 AM
access denied by access control list Hung Computer Support 8 10-12-2003 05:27 PM



Advertisments