• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

how can private provide security for variables

 
Greenhorn
Posts: 7
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
hi
My friend was asked a question in google about private access modifiers.

question was :

if you have setters and getters methods for accessing private variables, how are you providing security for private variables if the client can set the private variable value using setter methods

in advance
Thanks
 
Marshal
Posts: 28193
95
Eclipse IDE Firefox Browser MySQL Database
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I didn't think I was providing security when I did that. But I might have been; it depends on what you mean by "security" there.
 
Ranch Hand
Posts: 1847
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
indeed.
There is a strong school of thought that says you shouldn't generally have setters at all, just getters, and set every field through the constructor only (essentially making as many objects immutable as possible).

You could say you're providing the option of increased security when using setters as you can write them to provide for example validation (or even authorisation), though you certainly don't have to.
 
Ranch Hand
Posts: 208
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
In a setter, it is really easy to add data verification, e.g.


Maybe, by "providing security", Raghuveer was referring to something like this?
 
Ranch Hand
Posts: 212
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Encapsulation is what is provided by OOP, not security. I suspect what you mean is encapsulation.

Making an object immutable is no different security-wise, or encapsulation-wise then having mutators. Whether you are passing data through a constructor gains no "security" benefits over passing it to a mutator. There are plenty of benefits to using immutable classes but are related to performance and memory usage.
 
(instanceof Sidekick)
Posts: 8791
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Well, that would depend on your definition of security. If I define it as "I instantiate an object and I want to prevent you from changing it" then immutable is more secure than a setter. If I mean "I want to let you change it within some domain of values" then a setter with validation is more secure than a public variable. And if I mean "I don't want you to know this variable even exists" ... what implementation would you choose?
 
And tomorrow is the circus! We can go to the circus! I love the circus! We can take this tiny ad:
a bit of art, as a gift, that will fit in a stocking
https://gardener-gift.com
reply
    Bookmark Topic Watch Topic
  • New Topic