From: dewar@cs.nyu.edu (Robert Dewar)
Subject: Re: Child packages
Date: 19 Oct 1994 14:54:51 -0400
Date: 1994-10-19T14:54:51-04:00 [thread overview]
Message-ID: <383q1r$mji@gnat.cs.nyu.edu> (raw)
In-Reply-To: EACHUS.94Oct19110308@spectre.mitre.org
I think it is Robert Eachus who is being misleading and alarmist here. First
of all, it is perfectly possible to write packages now which break the
private type interface, by using unchecked conversion, and do all sorts
of horrible things.
Why is this not a disaster? Because you know from the package (with
unchecked conversion) that is is potentially a problem, and you know
that you DON'T have anything to worry about if the package is not
included in a program.
Exactly the same holds true for child packages. I really think all this
worrying about them is bogus. In fact you are much better off with a
child package than you are if someone simply mucks directly with the
source of a supposedly secure package. OK, you say, we have these wonderful
configuration managers that prevent that sort of thing -- fine have these
wonderful cm's also restrict what people can do with child packages.
The bottom line is that child packages add no fundamental functionality.
There is nothing that you can do with them that you cannot do without them,
including busting abstractions. What they allow is much more convenient
package of a program into components, and indeed some of these components
may be mucking with abstractions, possibly in a naughty way, but you are
still ahead.
Consider the following two possibilities:
someone has mucked with the source of a critical package and broken the
abstraction. All programs that with this package are bust.
someone has added a child package to a critical package, and broken the
abstraction. Only programs that with the child package are bust.
It seems clear that situation two is a huge improvement over the "ada 83"
way of breaking abstractions represented by situation one.
Of course you can still illegally muck with packages you shouldn't touch
in Ada 9X, but given the possibility of child packages, it is now practical
to really "lock the door" and forbid any mucking with critical packages and
to forbid the use of unchecked conversions.
This kind of draconian action could be done in Ada 83, but then there is
no way out for an isolated special program to get its hands on the private
data. Ada 9X allows such a method, if you care to permit it.
next prev parent reply other threads:[~1994-10-19 18:54 UTC|newest]
Thread overview: 73+ messages / expand[flat|nested] mbox.gz Atom feed top
1994-09-29 20:08 Is Ada the future? [was: Is C++ the future?] John DiCamillo
1994-09-30 13:45 ` David Weller
1994-10-01 21:40 ` John DiCamillo
1994-10-03 9:53 ` Robert I. Eachus
1994-10-03 20:41 ` John DiCamillo
1994-10-04 8:41 ` Robb Nebbe
[not found] ` <85C825A689A@annwfn.com>
1994-10-13 14:40 ` John Volan
1994-10-13 21:14 ` Matt Kennel
1994-10-14 0:37 ` Robert Dewar
1994-10-14 10:16 ` Robb Nebbe
1994-10-14 20:43 ` Bob Duff
1994-10-13 22:01 ` Val Kartchner
1994-10-14 1:38 ` Robert Dewar
1994-10-14 9:31 ` Robb Nebbe
1994-10-14 16:16 ` Child packages [nn,pedo,incest,cons] Robert Firth
1994-10-14 17:13 ` Robert I. Eachus
1994-10-17 8:18 ` Robb Nebbe
1994-10-17 11:52 ` Robert I. Eachus
1994-10-17 21:54 ` Bob Duff
1994-10-18 10:30 ` Child packages Robb Nebbe
1994-10-18 9:37 ` Robert I. Eachus
1994-10-18 19:09 ` Robert Dewar
1994-10-19 11:03 ` Robert I. Eachus
1994-10-19 16:24 ` Norman H. Cohen
1994-10-19 23:13 ` Robert Dewar
1994-10-20 14:06 ` Norman H. Cohen
1994-10-20 11:09 ` Robert I. Eachus
1994-10-20 19:02 ` Benjamin Ketcham
1994-10-20 17:08 ` Robert I. Eachus
1994-10-20 16:37 ` Bob Duff
1994-10-20 16:40 ` Bob Duff
1994-10-21 14:02 ` Mark Biggar, 5172
1994-10-21 8:48 ` Robb Nebbe
1994-10-19 18:54 ` Robert Dewar [this message]
1994-10-20 0:27 ` Matt Kennel
1994-10-20 8:21 ` Magnus Kempe
1994-10-20 13:52 ` John Volan
1994-10-19 16:19 ` Norman H. Cohen
1994-10-04 14:44 ` Is Ada the future? [was: Is C++ the future?] Robert Dewar
1994-10-04 15:53 ` Richard Kenner
[not found] ` <36h4pc$9dd@starbase.neosoft.com>
1994-09-30 20:15 ` Benjamin Ketcham
1994-10-02 16:30 ` Robin Rowe
1994-10-02 18:00 ` David Weller
1994-10-03 15:55 ` Netspeak: What is "trolling"? Norman H. Cohen
1994-10-03 17:04 ` Kenneth Aubey 913-4481
1994-10-03 21:06 ` Is Ada the future? [was: Is C++ the future?] John DiCamillo
1994-10-04 0:29 ` David Weller
1994-10-04 17:42 ` John DiCamillo
1994-10-05 8:18 ` Magnus Kempe
1994-10-05 13:49 ` Tucker Taft
[not found] ` <36q7m5$4ef@starbase.neosoft.com>
1994-10-04 17:55 ` Robin Rowe
1994-10-04 22:42 ` Tucker Taft
1994-10-03 9:22 ` Andrew Lees
1994-10-03 21:31 ` John DiCamillo
1994-10-04 23:29 ` John DiCamillo
1994-10-05 3:52 ` Robin Rowe
1994-10-05 13:15 ` Robert Dewar
1994-10-05 13:54 ` David Weller
[not found] ` <36uhnl$4c1@gnat.cs.nyu.edu>
[not found] ` <37dp17$gp6@goanna.cs.rmit.oz.au>
1994-10-11 13:37 ` Robert Dewar
1994-10-19 11:24 ` Stephen J Bevan
1994-10-19 15:51 ` Robert Dewar
1994-10-25 12:21 ` Stephen J Bevan
1994-10-05 17:08 ` Ted Dennison
[not found] ` <36msgr$qq2@starbase.neosoft.com>
1994-10-04 7:21 ` Ada compared to C++ Robin Rowe
1994-10-05 6:44 ` Bob Kitzberger
1994-10-05 12:02 ` Robert Dewar
1994-10-05 18:20 ` Bob Kitzberger
1994-10-05 8:44 ` Magnus Kempe
1994-10-05 19:55 ` David Weller
[not found] ` <1994Oct6.133002.1@rapnet.sanders.lockheed.com>
1994-10-16 3:30 ` Mark S. Hathaway
-- strict thread matches above, loose matches on Subject: below --
1995-03-17 9:27 An observation of Ada (may offend) R.A.L Williams
1995-03-17 17:08 ` Norman H. Cohen
1995-03-23 16:38 ` Robert I. Eachus
1995-03-24 10:46 ` Peter Hermann
1995-03-27 9:59 ` Child packages Robb Nebbe
1995-03-28 1:11 ` Keith Thompson
1995-03-28 11:54 ` Keith Thompson
replies disabled
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox