I'm going through Code Complete 2 and got to this key point on chapter 5 about hiding information
"Get into the habit of asking "What should I hide?" You'll be surprised at how many difficult design issues dissolve before your eyes."
I think it should be quite the opposite, you should be in the habit of hiding everything and asking your self "what should I show?"; in C# if you omit the access modifier it defaults to private, and that's there for a good reason
You have to think in terms of what would someone else do, if they were trying to mess up with your code or get that precious information that your project is accessing
Of course not all projects are that critical that you should worry about securing every single aspect of the application, but you should get into the habit of hiding as much as possible and only making visible what you actually need, that way you'll be programming in a more secure way by default without even thinking about it
Tuesday, June 27, 2006
Subscribe to:
Post Comments (Atom)
2 comments:
Open/Closed principal states that our code should be open to extension, but closed to changes, making everything private would, if anything, reverse that statement.
In java the default is that everything is virtual (VB Overridable), and that's there for a good reason.
In general you would probably be better off with protected and virtual than the default private and final, your code can be protected through CAS, and if the code will be used as a library by someone else they would still be able to use reflection to adapt your classes, only then you have been programming as if they couldn't.
If your design dictates that something should be public, you make it public, is not about hiding everything, but just start as the default, it's always easier to make it public later, than it is to make it private
Post a Comment