class-based access control VS instance-based access control

Discussion in 'C++' started by xz, Jan 7, 2008.

  1. xz

    xz Guest

    Why C++ (as well as Java) adopts class-based access control instead of
    instance-based access control?

    I had never paid attention to whether an access-control is class-based
    or instance-based but only intuitively thought that the latter was the
    one being used.

    Since it does not seem to make sense to let an instance "a1" of Class
    "A" to have access to the private data of instance "a2" of the same
    Class A, does it?
    xz, Jan 7, 2008
    #1
    1. Advertising

  2. xz wrote:
    > Why C++ (as well as Java) adopts class-based access control instead of
    > instance-based access control?


    Mostly because of the different purpose of those. Class-based has the
    purpose to prevent coding mistakes, whereas instance-based looks like
    a security measure. C++ wasn't designed with security in mind.

    > I had never paid attention to whether an access-control is class-based
    > or instance-based but only intuitively thought that the latter was the
    > one being used.
    >
    > Since it does not seem to make sense to let an instance "a1" of Class
    > "A" to have access to the private data of instance "a2" of the same
    > Class A, does it?


    That's an incomplete statement. Since it doesn't, then what? What
    conclusion do you expect to derive from "since it doesn't make sense"?
    And think of the fact that it doesn't make sense to you, but obviously
    makes a lot of sense to millions of other C++ programmers who never
    complain about that feature. What does it say?

    V
    --
    Please remove capital 'A's when replying by e-mail
    I do not respond to top-posted replies, please don't ask
    Victor Bazarov, Jan 7, 2008
    #2
    1. Advertising

  3. xz

    xz Guest

    On Jan 7, 2:29 pm, "Victor Bazarov" <> wrote:
    > xz wrote:
    > > Why C++ (as well as Java) adopts class-based access control instead of
    > > instance-based access control?

    >

    Thanks for you reply.

    > Mostly because of the different purpose of those. Class-based has the
    > purpose to prevent coding mistakes, whereas instance-based looks like
    > a security measure. C++ wasn't designed with security in mind.
    >


    I thought the access control was designed in the purpose for
    security......
    And it is obviously a danger to let "a1" (of class A) to have access
    to the private data of "a2".
    If you wanna control the privileges of accesses from the outside
    world, it's straightforward that any access from outside should be
    controlled, whether it is from an instance of different class or the
    same class.
    Well, but you said class-based is not for security......

    > > I had never paid attention to whether an access-control is class-based
    > > or instance-based but only intuitively thought that the latter was the
    > > one being used.

    >
    > > Since it does not seem to make sense to let an instance "a1" of Class
    > > "A" to have access to the private data of instance "a2" of the same
    > > Class A, does it?

    >
    > That's an incomplete statement. Since it doesn't, then what? What
    > conclusion do you expect to derive from "since it doesn't make sense"?
    > And think of the fact that it doesn't make sense to you, but obviously
    > makes a lot of sense to millions of other C++ programmers who never
    > complain about that feature. What does it say?
    >
    > V
    > --
    > Please remove capital 'A's when replying by e-mail
    > I do not respond to top-posted replies, please don't ask
    xz, Jan 7, 2008
    #3
  4. xz

    xz Guest

    On Jan 7, 2:29 pm, "Victor Bazarov" <> wrote:
    > xz wrote:
    > > Why C++ (as well as Java) adopts class-based access control instead of
    > > instance-based access control?

    >
    > Mostly because of the different purpose of those. Class-based has the
    > purpose to prevent coding mistakes, whereas instance-based looks like
    > a security measure. C++ wasn't designed with security in mind.

    Then how about Java?

    >
    > > I had never paid attention to whether an access-control is class-based
    > > or instance-based but only intuitively thought that the latter was the
    > > one being used.

    >
    > > Since it does not seem to make sense to let an instance "a1" of Class
    > > "A" to have access to the private data of instance "a2" of the same
    > > Class A, does it?

    >
    > That's an incomplete statement. Since it doesn't, then what? What
    > conclusion do you expect to derive from "since it doesn't make sense"?
    > And think of the fact that it doesn't make sense to you, but obviously
    > makes a lot of sense to millions of other C++ programmers who never
    > complain about that feature. What does it say?
    >
    > V
    > --
    > Please remove capital 'A's when replying by e-mail
    > I do not respond to top-posted replies, please don't ask
    xz, Jan 7, 2008
    #4
  5. xz wrote:
    > On Jan 7, 2:29 pm, "Victor Bazarov" <> wrote:
    >> xz wrote:
    >>> Why C++ (as well as Java) adopts class-based access control instead
    >>> of instance-based access control?

    >>
    >> Mostly because of the different purpose of those. Class-based has
    >> the purpose to prevent coding mistakes, whereas instance-based looks
    >> like a security measure. C++ wasn't designed with security in mind.

    > Then how about Java?


    No, thanks.

    V
    --
    Please remove capital 'A's when replying by e-mail
    I do not respond to top-posted replies, please don't ask
    Victor Bazarov, Jan 7, 2008
    #5
  6. xz

    xz Guest

    On Jan 7, 3:10 pm, "Victor Bazarov" <> wrote:
    > xz wrote:
    > > On Jan 7, 2:29 pm, "Victor Bazarov" <> wrote:
    > >> xz wrote:
    > >>> Why C++ (as well as Java) adopts class-based access control instead
    > >>> of instance-based access control?

    >
    > >> Mostly because of the different purpose of those. Class-based has
    > >> the purpose to prevent coding mistakes, whereas instance-based looks
    > >> like a security measure. C++ wasn't designed with security in mind.

    > > Then how about Java?

    >


    > No, thanks.

    So you are a fan of tea? :)

    OK, let's ask it seriously.
    I think Java (the programming language provided by Sun, which is a
    company instead of the shining sun in the sky) was designed "with
    security in mind", then why Java's access control is also class-based
    instead of instance-based?

    >
    > V
    > --
    > Please remove capital 'A's when replying by e-mail
    > I do not respond to top-posted replies, please don't ask
    xz, Jan 7, 2008
    #6
  7. xz wrote:
    > On Jan 7, 3:10 pm, "Victor Bazarov" <> wrote:
    >> xz wrote:
    >>> On Jan 7, 2:29 pm, "Victor Bazarov" <> wrote:
    >>>> xz wrote:
    >>>>> Why C++ (as well as Java) adopts class-based access control
    >>>>> instead of instance-based access control?

    >>
    >>>> Mostly because of the different purpose of those. Class-based has
    >>>> the purpose to prevent coding mistakes, whereas instance-based
    >>>> looks like a security measure. C++ wasn't designed with security
    >>>> in mind. Then how about Java?

    >>

    >
    >> No, thanks.

    > So you are a fan of tea? :)
    >
    > OK, let's ask it seriously.
    > I think Java (the programming language provided by Sun, which is a
    > company instead of the shining sun in the sky) was designed "with
    > security in mind", then why Java's access control is also class-based
    > instead of instance-based?


    Why are you asking about Java in a C++ newsgroup? The only answer
    to your question here is "who cares?"

    V
    --
    Please remove capital 'A's when replying by e-mail
    I do not respond to top-posted replies, please don't ask
    Victor Bazarov, Jan 7, 2008
    #7
  8. xz

    Grizlyk Guest

    xz wrote:
    >
    > And it is obviously a danger to let "a1" (of class A)
    > to have access to the private data of "a2".


    Try to write a copy ctor and assignment operator for your class A.

    Probably, access to the private data of object of the same class can
    be disabled by default, and a kind of static_cast<> will exist to
    explicitly change type of reference to enabled.

    But what the errors and where have you met already with the access is
    enabled by default?

    Maksim A. Polyanin
    old page about some C++ improvements:
    http://grizlyk1.narod.ru/cpp_new
    Grizlyk, Jan 8, 2008
    #8
  9. xz

    Salt_Peter Guest

    On Jan 7, 3:54 pm, xz <> wrote:
    > On Jan 7, 2:29 pm, "Victor Bazarov" <> wrote:> xz wrote:
    > > > Why C++ (as well as Java) adopts class-based access control instead of
    > > > instance-based access control?

    >
    > Thanks for you reply.
    >
    > > Mostly because of the different purpose of those. Class-based has the
    > > purpose to prevent coding mistakes, whereas instance-based looks like
    > > a security measure. C++ wasn't designed with security in mind.

    >
    > I thought the access control was designed in the purpose for
    > security......
    > And it is obviously a danger to let "a1" (of class A) to have access
    > to the private data of "a2".
    > If you wanna control the privileges of accesses from the outside
    > world, it's straightforward that any access from outside should be
    > controlled, whether it is from an instance of different class or the
    > same class.
    > Well, but you said class-based is not for security......
    >
    > > > I had never paid attention to whether an access-control is class-based
    > > > or instance-based but only intuitively thought that the latter was the
    > > > one being used.

    >
    > > > Since it does not seem to make sense to let an instance "a1" of Class
    > > > "A" to have access to the private data of instance "a2" of the same
    > > > Class A, does it?

    >


    You have a serious misconception about access control and instances. A
    class is a blueprint. Its a specification of what an instance will
    look like and the interface an instance will have if and only if you
    actually make one. You can't apply encapsulation to an instance
    without first designing the model.

    Our world works the same way. You buy a home that has a private
    bathroom, your neighbour has the identical house. Does your neighbour
    have access to your private bathroom because he has access to his? If
    he flushes the toilet, does yours go too? Would making the bathroom
    public change that? If you push the accelerator in your car, do all
    the other cars on the road accelerate as well? Give all your
    neighbours the key to your car and try pushing the accelerator again,
    do the neighbour's cars accelerate too (are they even running)?

    You and your neighbour share the same water reservoir/treatment plant.
    If it breaks down, both you and your neighbour lose your water source
    (the water plant is static, unique in your area - a translation unit).
    It too is an instance of a water plant, although unique in your
    sector. If you manage to bypass security and decide to bathe in that
    water, does that mean that your body is simultaneously bathing in
    every water plant this world has? Hmm?

    Meanwhile: an instance is just an instance. An apple is just another
    apple. You are just another person. The only thing these pairs of
    entities have in common is their type.

    If you do something silly and you end up in prison, thats not
    encapsulation either, its Storage (you were placed in a secured
    container). Its really a very simple concept. Just look around you.
    Salt_Peter, Jan 8, 2008
    #9
  10. xz

    James Kanze Guest

    On Jan 7, 8:58 pm, xz <> wrote:
    > Why C++ (as well as Java) adopts class-based access control instead of
    > instance-based access control?


    Because you couldn't implement copy construction otherwise. If
    a language supports value semantics for user defined types, it
    pretty much has to use class based access control.

    > I had never paid attention to whether an access-control is
    > class-based or instance-based but only intuitively thought
    > that the latter was the one being used.


    > Since it does not seem to make sense to let an instance "a1"
    > of Class "A" to have access to the private data of instance
    > "a2" of the same Class A, does it?


    And how do you implement a copy constructor otherwise?

    --
    James Kanze (GABI Software) email:
    Conseils en informatique orientée objet/
    Beratung in objektorientierter Datenverarbeitung
    9 place Sémard, 78210 St.-Cyr-l'École, France, +33 (0)1 30 23 00 34
    James Kanze, Jan 8, 2008
    #10
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Sridhar R
    Replies:
    14
    Views:
    1,382
    =?iso-8859-1?Q?Fran=E7ois?= Pinard
    Feb 10, 2004
  2. Gerry Sutton
    Replies:
    1
    Views:
    527
    Peter Otten
    Apr 16, 2005
  3. Gerard Flanagan
    Replies:
    3
    Views:
    433
    Terry Hancock
    Nov 19, 2005
  4. Martin P. Hellwig
    Replies:
    1
    Views:
    365
    Martin P. Hellwig
    Mar 26, 2010
  5. Greg Hauptmann
    Replies:
    9
    Views:
    233
    Loren Segal
    Jun 16, 2008
Loading...

Share This Page