David Garamond said:
> i've read the Object Orienter Perl book by Damian Conway, and in
> chapter 11 he explains about Tie::SecureHash that's supposed to
> provide
> capability to create private attributes.
>
> however, since a package is never closed, and we cannot override the
> 'package' op (via declaring sub CORE::GLOBAL::package {} for example),
> an untrusted client can just do this:
>
> package MyClass;
> sub get_priv_attr { my $self = shift; $self->priv_attr }
>
> are there other ways to reasonably accomplish "privateness"?
That depends on your definition of reason :-)
Maybe it is enough for the documentation to say "This is private, don't
use it."
If you really want to keep people out you can bless a closure. Damian
talks about that somewhere in his book (I don't have a copy to hand). The
biggest downside is that every method call gets another sub call, and sub
calls are already slow enough. But maybe speed isn't an issue for you.
You have read the final NOTE in perlmodlib, right?
In general Perl treats this as a social rather than a programming problem.
This tends to unnerve some people coming from B&D (programming)
backgrounds. But if that's what you want, blessing a closure is probably
more secure than most other languages. Be aware though, that if someone
starts wielding the B modules, you have no chance.
--
Paul Johnson - [EMAIL PROTECTED]
http://www.pjcj.net
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
