Berin, Peter,

I'm not very worried about the security aspects of the ComponentValidator class. Like 
Peter, I see the battle as lost when a malicious component has entered the system, and 
I do not see that as enough reason to increase code complexity.

However, I am much more concerned with buggy containers. The case could be made that a 
test case for containers would solve this, and I think Peter is completely right in 
that. Such a test case *is* needed. There's no argument against it.

But it is also considered good practice to add assertions throughout the code, to 
catch things that "can not" happen, and I see the ComponentValidator as a tool for 
that.

Assertions provide a nice fail-fast, and aid in debugging.

(Regarding UNIX file permissions: I see the security aspect of them, but to me they 
are also protection against users inadvertently deleting the wrong files. I have had 
much more work related to user screwups than cracker assaults. The neat thing is that 
I get protection from both from file permissions. ComponentValidator does the same - 
primarily I get faster debugging and better regression tests, and if it stops some 
component hell-bent on destruction as well, then that is good.)

/LS
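As an added illustration of the fail-fast assertion role described in the message above (example code written for this page, not from the thread or from the project it discusses): a small Python validator that wraps a component and checks every lifecycle call a container makes on it, raising on the first one that "can not" happen. The lifecycle contract (initialize, then start, then dispose), the EchoComponent and HalfComponent classes and the run_container driver are all assumptions constructed for the example.

```python
from enum import Enum, auto


class LifecycleState(Enum):
    CREATED = auto()
    INITIALIZED = auto()
    STARTED = auto()
    DISPOSED = auto()


# Legal (method, current state) -> next state transitions.  This is a hypothetical
# initialize -> start -> dispose contract, not any real container's lifecycle.
LEGAL_TRANSITIONS = {
    ("initialize", LifecycleState.CREATED): LifecycleState.INITIALIZED,
    ("start", LifecycleState.INITIALIZED): LifecycleState.STARTED,
    ("dispose", LifecycleState.INITIALIZED): LifecycleState.DISPOSED,
    ("dispose", LifecycleState.STARTED): LifecycleState.DISPOSED,
}

LIFECYCLE_METHODS = ("initialize", "start", "dispose")


class ValidationError(AssertionError):
    """Raised on the first lifecycle violation: fail fast instead of limping on."""


class ComponentValidator:
    """Wraps a component and checks each lifecycle call the container makes on it.

    The checks encode things that "can not" happen with a correct container:
    a call in the wrong state, a repeated call, a component missing a method.
    Each failure carries the call history so the bug is easy to reproduce.
    """

    def __init__(self, component):
        self.component = component
        self.state = LifecycleState.CREATED
        self.history = []
        missing = [m for m in LIFECYCLE_METHODS
                   if not callable(getattr(component, m, None))]
        if missing:
            raise ValidationError(
                f"{type(component).__name__} lacks lifecycle methods {missing}")

    def _call(self, method):
        nxt = LEGAL_TRANSITIONS.get((method, self.state))
        if nxt is None:
            raise ValidationError(
                f"{type(self.component).__name__}.{method}() called in state "
                f"{self.state.name}; call history so far: {self.history}")
        self.history.append(method)
        self.state = nxt
        return getattr(self.component, method)()

    def initialize(self):
        return self._call("initialize")

    def start(self):
        return self._call("start")

    def dispose(self):
        return self._call("dispose")


class EchoComponent:
    """A well-behaved toy component (constructed for this example)."""

    def __init__(self):
        self.ready = False

    def initialize(self):
        self.ready = True

    def start(self):
        # Without the validator, a start() before initialize() would just run
        # with ready == False and fail somewhere far away, much later.
        return "started" if self.ready else "started-unready"

    def dispose(self):
        self.ready = False


class HalfComponent:
    """A component that forgot to implement dispose() (constructed for this example)."""

    def initialize(self):
        pass

    def start(self):
        pass


def run_container(steps, component):
    """Drive `component` through the lifecycle calls a (possibly buggy) container
    would issue.  Returns (True, "ok") or (False, <diagnostic message>)."""
    try:
        validator = ComponentValidator(component)
        for step in steps:
            getattr(validator, step)()
    except ValidationError as err:
        return False, str(err)
    return True, "ok"


if __name__ == "__main__":
    print(run_container(["initialize", "start", "dispose"], EchoComponent()))
    print(run_container(["start", "initialize"], EchoComponent()))       # wrong order
    print(run_container(["initialize", "initialize"], EchoComponent()))  # double init
    print(run_container(["initialize"], HalfComponent()))                # missing method
```

The point of the wrapper is the one the message makes: the checks are cheap, they turn a container bug into an immediate, located failure instead of a far-away symptom, and the same checks happen to reject a component that does not honour the contract, whether by accident or on purpose.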

