----boundary-LibPST-iamunique-1972416891_-_-
Content-type: text/plain
My suggestion was slightly different:
MODULE A; (* Defining module for exported readonly array r *)
TYPE
Array- = ARRAY OF INTEGER; (**** read-only export ****)
VAR
(* readonly array whose elements now can not be modified *)
r-: POINTER TO Array;
BEGIN
NEW(r, 32); (* create the array in this module *)
END A.
MODULE B; (* Client of A *)
IMPORT A;
VAR
rw: POINTER TO Array;
BEGIN
rw := A.r; (* Asssignment currently permitted under CP *)
rw[3] := 7 (* Currently permitted *)
END B.
> Under Fyodor's suggestion it would seem that the following would still
> be possible:
>
> MODULE A; (* Defining module for exported readonly array r *)
> TYPE
> Array* = ARRAY OF INTEGER;
> VAR
> (* readonly array whose elements now can not be modified *)
> r-: POINTER TO Array;
> BEGIN
> NEW(r, 32); (* create the array in this module *)
> END A.
>
> MODULE B; (* Client of A *)
> IMPORT A;
> VAR
> rw: POINTER TO Array;
> BEGIN
> rw := A.r; (* Asssignment currently permitted under CP *)
> rw[3] := 7 (* Currently permitted *)
> END B.
>
> It would seem that the variable 'rw' would need to inherit in some way
> the read only condition from the variable 'r' in order to guarentee that
> the elements of 'r' (and now 'rw') could not be modified in module B.
> There may be other difficulties as well.
>
> I agree with Fyodor that it should be possible to specify an array (and
> arbitrary data structures) as readonly for all of its elements.
>
> -Doug
>
>
> ftkachov{([at]})nowhere.xy> > Hi!
> >
> > Here is another aspect of the problem of (read-only) export of array
> > elements mentioned earlier:
> >
> > If one declares a global variable in one module:
> >
> > VAR a-: POINTER TO ARRAY OF INTEGER;
> >
> > then the array's elements are r/w accessible from the outside.
> >
> > I think a stricter discipline is warranted:
> > exported pointer should only give automatic access to the pointer
> > -- not to the elements of the structure.
> >
> > These problems with export of array elements constitute a security hole
> > that needs to be shut.
> > Especially if one has in view scientific and engineering
> > applications where BB has a significant potential.
> >
> > Cheers
> > Fyodor Tkachov
> > --------------------------------------------
> >
> > To unsubscribe from this mailing list, send a message containing the word "unsubscribe" to:
> > blackbox-request{([at]})nowhere.xy> >
> > To get a list of valid e-mail commands and instructions on their usage, send a message containing the word "help" to the above address.
> >
> > Send any problem reports or questions related to this email list to the list owner at
> > owner-blackbox{([at]})nowhere.xy> >
> > Current posting policy:
> >
> > a) To post you should use the same address by which you are subscribed to the mailing list. That way, the list server will recognize you as subscriber and forward your posting immediately, without creating any overhead.
> >
> > b) If, for some reason, you cannot post from the address, by which you are subscribed, your message will be moderated to avoid spam. Please understand that moderation will often cause some delay, in particular over weekends or holydays.
> >
> >
>
>
>
--------------------------------------------
To unsubscribe from this mailing list, send a message containing the word "unsubscribe" to:
blackbox-request{([at]})nowhere.xy
To get a list of valid e-mail commands and instructions on their usage, send a message containing the word "help" to the above address.
Send any problem reports or questions related to this email list to the list owner at
owner-blackbox{([at]})nowhere.xy
Current posting policy:
a) To post you should use the same address by which you are subscribed to the mailing list. That way, the list server will recognize you as subscriber and forward your posting immediately, without creating any overhead.
b) If, for some reason, you cannot post from the address, by which you are subscribed, your message will be moderated to avoid spam. Please understand that moderation will often cause some delay, in particular over weekends or holydays.
----boundary-LibPST-iamunique-1972416891_-_-
Content-type: application/rtf
Content-transfer-encoding: base64
Content-Disposition: attachment; filename="rtf-body.rtf"
e1xydGYxXGFuc2lcYW5zaWNwZzEyNTJcZnJvbXRleHQgXGRlZmYwe1xmb250dGJsDQp7XGYwXGZz
d2lzcyBBcmlhbDt9DQp7XGYxXGZtb2Rlcm4gQ291cmllciBOZXc7fQ0Ke1xmMlxmbmlsXGZjaGFy
c2V0MiBTeW1ib2w7fQ0Ke1xmM1xmbW9kZXJuXGZjaGFyc2V0MCBDb3VyaWVyIE5ldzt9fQ0Ke1xj
b2xvcnRibFxyZWQwXGdyZWVuMFxibHVlMDtccmVkMFxncmVlbjBcYmx1ZTI1NTt9DQpcdWMxXHBh
cmRccGxhaW5cZGVmdGFiMzYwIFxmMFxmczIwIE15IHN1Z2dlc3Rpb24gd2FzIHNsaWdodGx5IGRp
ZmZlcmVudDpccGFyDQpccGFyDQpNT0RVTEUgQTsgKCogRGVmaW5pbmcgbW9kdWxlIGZvciBleHBv
cnRlZCByZWFkb25seSBhcnJheSByICopXHBhcg0KICAgVFlQRVxwYXINCiAgICAgQXJyYXktID0g
QVJSQVkgT0YgSU5URUdFUjsgKCoqKiogcmVhZC1vbmx5IGV4cG9ydCAqKioqKVxwYXINCiAgIFZB
UlxwYXINCiAgICAoKiByZWFkb25seSBhcnJheSB3aG9zZSBlbGVtZW50cyBub3cgY2FuIG5vdCBi
ZSBtb2RpZmllZCAqKVxwYXINCiAgICAgci06IFBPSU5URVIgVE8gQXJyYXk7XHBhcg0KQkVHSU5c
cGFyDQogICBORVcociwgMzIpOyAgKCogY3JlYXRlIHRoZSBhcnJheSBpbiB0aGlzIG1vZHVsZSAq
KVxwYXINCkVORCBBLlxwYXINClxwYXINCk1PRFVMRSBCOyAgKCogQ2xpZW50IG9mIEEgKilccGFy
DQogICBJTVBPUlQgQTtccGFyDQogICBWQVJccGFyDQogICAgIHJ3OiBQT0lOVEVSIFRPIEFycmF5
O1xwYXINCkJFR0lOXHBhcg0KICAgcncgOj0gQS5yOyAoKiBBc3NzaWdubWVudCBjdXJyZW50bHkg
cGVybWl0dGVkIHVuZGVyIENQICopXHBhcg0KICAgcndbM10gOj0gNyAoKiBDdXJyZW50bHkgcGVy
bWl0dGVkICopXHBhcg0KRU5EIEIuXHBhcg0KXHBhcg0KPiBVbmRlciBGeW9kb3IncyBzdWdnZXN0
aW9uIGl0IHdvdWxkIHNlZW0gdGhhdCB0aGUgZm9sbG93aW5nIHdvdWxkIHN0aWxsIFxwYXINCj4g
YmUgcG9zc2libGU6XHBhcg0KPiBccGFyDQo+IE1PRFVMRSBBOyAoKiBEZWZpbmluZyBtb2R1bGUg
Zm9yIGV4cG9ydGVkIHJlYWRvbmx5IGFycmF5IHIgKilccGFyDQo+ICAgIFRZUEVccGFyDQo+ICAg
ICAgQXJyYXkqID0gQVJSQVkgT0YgSU5URUdFUjtccGFyDQo+ICAgIFZBUlxwYXINCj4gICAgICgq
IHJlYWRvbmx5IGFycmF5IHdob3NlIGVsZW1lbnRzIG5vdyBjYW4gbm90IGJlIG1vZGlmaWVkICop
XHBhcg0KPiAgICAgIHItOiBQT0lOVEVSIFRPIEFycmF5O1xwYXINCj4gQkVHSU5ccGFyDQo+ICAg
IE5FVyhyLCAzMik7ICAoKiBjcmVhdGUgdGhlIGFycmF5IGluIHRoaXMgbW9kdWxlICopXHBhcg0K
PiBFTkQgQS5ccGFyDQo+IFxwYXINCj4gTU9EVUxFIEI7ICAoKiBDbGllbnQgb2YgQSAqKVxwYXIN
Cj4gICAgSU1QT1JUIEE7XHBhcg0KPiAgICBWQVJccGFyDQo+ICAgICAgcnc6IFBPSU5URVIgVE8g
QXJyYXk7XHBhcg0KPiBCRUdJTlxwYXINCj4gICAgcncgOj0gQS5yO1x0YWIgKCogQXNzc2lnbm1l
bnQgY3VycmVudGx5IHBlcm1pdHRlZCB1bmRlciBDUCAqKVxwYXINCj4gICAgcndbM10gOj0gN1x0
YWIgKCogQ3VycmVudGx5IHBlcm1pdHRlZCAqKVxwYXINCj4gRU5EIEIuXHBhcg0KPiBccGFyDQo+
IEl0IHdvdWxkIHNlZW0gdGhhdCB0aGUgdmFyaWFibGUgJ3J3JyB3b3VsZCBuZWVkIHRvIGluaGVy
aXQgaW4gc29tZSB3YXkgXHBhcg0KPiB0aGUgcmVhZCBvbmx5IGNvbmRpdGlvbiBmcm9tIHRoZSB2
YXJpYWJsZSAncicgaW4gb3JkZXIgdG8gZ3VhcmVudGVlIHRoYXQgXHBhcg0KPiB0aGUgZWxlbWVu
dHMgb2YgJ3InIChhbmQgbm93ICdydycpIGNvdWxkIG5vdCBiZSBtb2RpZmllZCBpbiBtb2R1bGUg
Qi5ccGFyDQo+IFRoZXJlIG1heSBiZSBvdGhlciBkaWZmaWN1bHRpZXMgYXMgd2VsbC5ccGFyDQo+
IFxwYXINCj4gSSBhZ3JlZSB3aXRoIEZ5b2RvciB0aGF0IGl0IHNob3VsZCBiZSBwb3NzaWJsZSB0
byBzcGVjaWZ5IGFuIGFycmF5IChhbmQgXHBhcg0KPiBhcmJpdHJhcnkgZGF0YSBzdHJ1Y3R1cmVz
KSBhcyByZWFkb25seSBmb3IgYWxsIG9mIGl0cyBlbGVtZW50cy5ccGFyDQo+IFxwYXINCj4gLURv
dWdccGFyDQo+IFxwYXINCj4gXHBhcg0KPiBmdGthY2hvdkBtczIuaW5yLmFjLnJ1IHdyb3RlOlxw
YXINCj4gPiBIaSFccGFyDQo+ID4gXHBhcg0KPiA+IEhlcmUgaXMgYW5vdGhlciBhc3BlY3Qgb2Yg
dGhlIHByb2JsZW0gb2YgKHJlYWQtb25seSkgZXhwb3J0IG9mIGFycmF5IFxwYXINCj4gPiBlbGVt
ZW50cyBtZW50aW9uZWQgZWFybGllcjpccGFyDQo+ID4gXHBhcg0KPiA+IElmIG9uZSBkZWNsYXJl
cyBhIGdsb2JhbCB2YXJpYWJsZSBpbiBvbmUgbW9kdWxlOlxwYXINCj4gPiBccGFyDQo+ID4gXHRh
YiBWQVIgIGEtOiBQT0lOVEVSIFRPIEFSUkFZIE9GIElOVEVHRVI7XHBhcg0KPiA+IFxwYXINCj4g
PiB0aGVuIHRoZSBhcnJheSdzIGVsZW1lbnRzIGFyZSByL3cgYWNjZXNzaWJsZSBmcm9tIHRoZSBv
dXRzaWRlLlxwYXINCj4gPiBccGFyDQo+ID4gSSB0aGluayBhIHN0cmljdGVyIGRpc2NpcGxpbmUg
aXMgd2FycmFudGVkOlxwYXINCj4gPiBleHBvcnRlZCBwb2ludGVyIHNob3VsZCBvbmx5IGdpdmUg
YXV0b21hdGljIGFjY2VzcyB0byB0aGUgcG9pbnRlclxwYXINCj4gPiAtLSBub3QgdG8gdGhlIGVs
ZW1lbnRzIG9mIHRoZSBzdHJ1Y3R1cmUuXHBhcg0KPiA+IFxwYXINCj4gPiBUaGVzZSBwcm9ibGVt
cyB3aXRoIGV4cG9ydCBvZiBhcnJheSBlbGVtZW50cyBjb25zdGl0dXRlIGEgc2VjdXJpdHkgaG9s
ZVxwYXINCj4gPiB0aGF0IG5lZWRzIHRvIGJlIHNodXQuIFxwYXINCj4gPiBFc3BlY2lhbGx5IGlm
IG9uZSBoYXMgaW4gdmlldyBzY2llbnRpZmljIGFuZCBlbmdpbmVlcmluZ1xwYXINCj4gPiBhcHBs
aWNhdGlvbnMgd2hlcmUgQkIgaGFzIGEgc2lnbmlmaWNhbnQgcG90ZW50aWFsLlxwYXINCj4gPiBc
cGFyDQo+ID4gQ2hlZXJzXHBhcg0KPiA+IEZ5b2RvciBUa2FjaG92XHBhcg0KPiA+IC0tLS0tLS0t
LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tXHBhcg0KPiA+IFxwYXINCj4gPiBU
byB1bnN1YnNjcmliZSBmcm9tIHRoaXMgbWFpbGluZyBsaXN0LCBzZW5kIGEgbWVzc2FnZSBjb250
YWluaW5nIHRoZSB3b3JkICJ1bnN1YnNjcmliZSIgdG86XHBhcg0KPiA+ICAgIGJsYWNrYm94LXJl
cXVlc3RAb2Jlcm9uLmNoXHBhcg0KPiA+IFxwYXINCj4gPiBUbyBnZXQgYSBsaXN0IG9mIHZhbGlk
IGUtbWFpbCBjb21tYW5kcyBhbmQgaW5zdHJ1Y3Rpb25zIG9uIHRoZWlyIHVzYWdlLCBzZW5kIGEg
bWVzc2FnZSBjb250YWluaW5nIHRoZSB3b3JkICJoZWxwIiB0byB0aGUgYWJvdmUgYWRkcmVzcy5c
cGFyDQo+ID4gXHBhcg0KPiA+IFNlbmQgYW55IHByb2JsZW0gcmVwb3J0cyBvciBxdWVzdGlvbnMg
cmVsYXRlZCB0byB0aGlzIGVtYWlsIGxpc3QgdG8gdGhlIGxpc3Qgb3duZXIgYXRccGFyDQo+ID4g
ICAgb3duZXItYmxhY2tib3hAb2Jlcm9uLmNoXHBhcg0KPiA+IFxwYXINCj4gPiBDdXJyZW50IHBv
c3RpbmcgcG9saWN5OlxwYXINCj4gPiBccGFyDQo+ID4gYSkgVG8gcG9zdCB5b3Ugc2hvdWxkIHVz
ZSB0aGUgc2FtZSBhZGRyZXNzIGJ5IHdoaWNoIHlvdSBhcmUgc3Vic2NyaWJlZCB0byB0aGUgbWFp
bGluZyBsaXN0LiBUaGF0IHdheSwgdGhlIGxpc3Qgc2VydmVyIHdpbGwgcmVjb2duaXplIHlvdSBh
cyBzdWJzY3JpYmVyIGFuZCBmb3J3YXJkIHlvdXIgcG9zdGluZyBpbW1lZGlhdGVseSwgd2l0aG91
dCBjcmVhdGluZyBhbnkgb3ZlcmhlYWQuXHBhcg0KPiA+IFxwYXINCj4gPiBiKSBJZiwgZm9yIHNv
bWUgcmVhc29uLCB5b3UgY2Fubm90IHBvc3QgZnJvbSB0aGUgYWRkcmVzcywgYnkgd2hpY2ggeW91
IGFyZSBzdWJzY3JpYmVkLCB5b3VyIG1lc3NhZ2Ugd2lsbCBiZSBtb2RlcmF0ZWQgdG8gYXZvaWQg
c3BhbS4gUGxlYXNlIHVuZGVyc3RhbmQgdGhhdCBtb2RlcmF0aW9uIHdpbGwgb2Z0ZW4gY2F1c2Ug
c29tZSBkZWxheSwgaW4gcGFydGljdWxhciBvdmVyIHdlZWtlbmRzIG9yIGhvbHlkYXlzLlxwYXIN
Cj4gPiBccGFyDQo+ID4gXHBhcg0KPiBccGFyDQo+IFxwYXINCj4gXHBhcg0KXHBhcg0KLS0tLS0t
LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS1ccGFyDQpccGFyDQpUbyB1bnN1
YnNjcmliZSBmcm9tIHRoaXMgbWFpbGluZyBsaXN0LCBzZW5kIGEgbWVzc2FnZSBjb250YWluaW5n
IHRoZSB3b3JkICJ1bnN1YnNjcmliZSIgdG86XHBhcg0KICAgYmxhY2tib3gtcmVxdWVzdEBvYmVy
b24uY2hccGFyDQpccGFyDQpUbyBnZXQgYSBsaXN0IG9mIHZhbGlkIGUtbWFpbCBjb21tYW5kcyBh
bmQgaW5zdHJ1Y3Rpb25zIG9uIHRoZWlyIHVzYWdlLCBzZW5kIGEgbWVzc2FnZSBjb250YWluaW5n
IHRoZSB3b3JkICJoZWxwIiB0byB0aGUgYWJvdmUgYWRkcmVzcy5ccGFyDQpccGFyDQpTZW5kIGFu
eSBwcm9ibGVtIHJlcG9ydHMgb3IgcXVlc3Rpb25zIHJlbGF0ZWQgdG8gdGhpcyBlbWFpbCBsaXN0
IHRvIHRoZSBsaXN0IG93bmVyIGF0XHBhcg0KICAgb3duZXItYmxhY2tib3hAb2Jlcm9uLmNoXHBh
cg0KXHBhcg0KQ3VycmVudCBwb3N0aW5nIHBvbGljeTpccGFyDQpccGFyDQphKSBUbyBwb3N0IHlv
dSBzaG91bGQgdXNlIHRoZSBzYW1lIGFkZHJlc3MgYnkgd2hpY2ggeW91IGFyZSBzdWJzY3JpYmVk
IHRvIHRoZSBtYWlsaW5nIGxpc3QuIFRoYXQgd2F5LCB0aGUgbGlzdCBzZXJ2ZXIgd2lsbCByZWNv
Z25pemUgeW91IGFzIHN1YnNjcmliZXIgYW5kIGZvcndhcmQgeW91ciBwb3N0aW5nIGltbWVkaWF0
ZWx5LCB3aXRob3V0IGNyZWF0aW5nIGFueSBvdmVyaGVhZC5ccGFyDQpccGFyDQpiKSBJZiwgZm9y
IHNvbWUgcmVhc29uLCB5b3UgY2Fubm90IHBvc3QgZnJvbSB0aGUgYWRkcmVzcywgYnkgd2hpY2gg
eW91IGFyZSBzdWJzY3JpYmVkLCB5b3VyIG1lc3NhZ2Ugd2lsbCBiZSBtb2RlcmF0ZWQgdG8gYXZv
aWQgc3BhbS4gUGxlYXNlIHVuZGVyc3RhbmQgdGhhdCBtb2RlcmF0aW9uIHdpbGwgb2Z0ZW4gY2F1
c2Ugc29tZSBkZWxheSwgaW4gcGFydGljdWxhciBvdmVyIHdlZWtlbmRzIG9yIGhvbHlkYXlzLlxw
fX0AZXc=
----boundary-LibPST-iamunique-1972416891_-_---
Received on Wed Jul 09 2003 - 23:06:02 UTC