Exporting - the wrong default?
dalibor topic
dalibor.topic at oracle.com
Thu Jul 28 12:33:15 UTC 2016
On 27.07.2016 17:37, Stephen Colebourne wrote:
> While the JDK cannot afford to compromise on security, many real-world
> systems can and do. Software is mostly a trade-off between security,
> quality, features, delivery date, design, resources... etc. As such,
> this discussion cannot and should not be shut down solely on the basis
> of security.

For an entirely hypothetical straw man example, imagine the expert
authors of a third-party component A making a deliberate security
trade-off in one class. For the sake of brevity, let's call that class 'Gun'.

Let's also imagine a different set of expert authors of a different
third-party component B making a different deliberate security trade-off
in another class. Let's call that class 'Bullet'.

Assembling a software system H which, by simply using both component A
and component B, provides both a Gun and a Bullet, could lead to some
pretty bad headaches down the road.

In the "exported by default" world view, the assembler is responsible
for restricting all such headache-inducing interactions between these
classes, originating in different components with different trade-offs.

Let's hope for their sake they are really awesome experts at that sort
of thing, and especially good at handling the potentially exponential
complexities that can arise from adding new components with further
third-party provided Guns and Bullets to their software system.

In the "failsafe by default" world view, they are responsible for
enabling "just" the non-headache-inducing interactions between those
classes, of which there in most cases may very well be none.

That's (potentially) a substantial difference in effort necessary to
accurately make such trade-offs, in particular over the maintenance life
cycle of a software system.

cheers,
dalibor topic
--
Dalibor Topic | Principal Product Manager
More information about the jigsaw-dev
mailing list