Berin Loritsch wrote:
> Regarding the ComponentValidator, I am temporarily relenting and 
> moving on. To my knowledge we are all in agreement concerning 
> Logging.  That remains one sore spot to my knowledge *before* we 
> release.

Berin:

I think the points you have made in this thread are 
right-on-the-money!

I think you're talking about security concerns in the same way that I 
think about security.  Aside from whatever authentication solution, 
access control mechanisms, trust management and so forth, if you're 
building a "valuable" system (i.e. a system handling valuable 
assets), you design and build with the assumption that the system 
WILL-BE-COMPROMISED.  With this presumption there are a variety of 
mechanisms that can be employed to hide sensitive resources - but 
achieving this requires defensive code - because you can never 
totally depend on the container because there is always the question 
of compromising the containing container (recursively).  I disagree 
with comments on this thread that this means you have already 
lost the battle - internal subsystems can be much more defensive than 
their containers. But building defensive systems means very rigorous 
enforcement within an object of its operation state - and for that
runtime validation against standard lifecycle semantics is just 
plain good-sense.

Cheers, Steve.