Hi,
On 11/15/06, Remy Maucherat <[EMAIL PROTECTED]> wrote:
> Because these are internal implementations, if the user is whack
> enough to try and access the real object behind the facade, I'd say
> they're at their own risk.
I disagree: if the security manager is there, then there should be no
way to get the internal object.
You know what, on second reading I tend to agree with you. Users who
are security-conscious enough to enable their security manager are
going to care about this. Can we do extra checking then, to prevent
access to the internal objects, without compromising performance?
Won't the fact that the internal objects behind the facade live in
separate packages be sufficient for the security manager to
automatically deny access to them?
Yoav
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
