[Lazarus] Controlling access to a method

Mark Morgan Lloyd markMLl.lazarus at telemetry.co.uk
Wed Jan 30 17:44:08 CET 2013


Hans-Peter Diettrich wrote:
> Mark Morgan Lloyd schrieb:
>> Hans-Peter Diettrich wrote:
>>> Mark Morgan Lloyd schrieb:
>>>> Given a fragment of code like this:
>>>>
>>>> type
>>>>   TDbConfigFrame = class(TFrame)
>>>> ..
>>>>   public
>>>>     { public declarations }
>>>>     property DbInit: TDbConfigInit write fdbInit;
>>>>   end;
>>>
>>> A write-only property can be implemented by a (setter) procedure,
>>
>> Yes, I was assuming that.
>>
>>> to which you add whatever arguments may be useful (e.g. Sender).
>>
>> OK, but in that case I presume that you can no longer go via the 
>> object's property (reserved word).
> 
> Why do you need both?

You don't, I was assuming that being unobtrusive was an advantage,

>> Also in that case I presume that some unauthorised caller could spoof 
>> an explicit sender parameter.
> 
> What degree of security do you expect?
> 
> Would it be sufficient to initialize the field in the constructor?
> Then you could add an constructor that takes the value, and make the 
> field inaccessible to other code (private).
..
> He who can read your source code also can modify it, to get rid of all 
> your protection attempts.

I'd settle for protecting my code from its original author :-)

You are of course entirely right: from the POV of protecting against 
silly mistykes it's entirely adequate to have a validation parameter, 
even if it's not used for anything else. I was originally thinking about 
it from the POV of bare-metal protected-mode code, where you could 
explicitly bind a procedure to ring 2 thus protecting it from ring 3 access.

-- 
Mark Morgan Lloyd
markMLl .AT. telemetry.co .DOT. uk

[Opinions above are the author's, not those of his employers or colleagues]




More information about the Lazarus mailing list