Hello Walter,

>> 3) Rule creation. The core engine usually generates some digested
>> dataset upon which rules are evaluated. The systems come with a builtin
>> set that do the sorts of things already talked about. In addition
>> they come with the ability to develop new rules specific to your
>> application and business needs. For example:
>> * tracking of taint from user data
>> * what data is acceptable to log to files (for example NOT
>> credit-cards)

> There have been several proposals for user-defined attributes for
> types, I think that is better than having some external rule file.

For open source and libs, yes. For proprietary code bases, I'd say it's about
a wash. Having it in another file could make the language/code base easier
to read and also allow a much more powerful rules language (because it doesn't
have to fit in the host language). And because only you will be maintaining
the code, needing another tool (that you already have) and another build
step isn't much of an issue.
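
The rule-evaluation model discussed in this thread, as an added example that is not part of any poster's message or of any tool's code: Python's `ast` module stands in for the engine's digested dataset, and the `RULES` dictionary stands in for an external rule file. The names `read_card_number`, `mask` and `log`, and the sample program, are constructed for illustration, and only straight-line code is handled.

```python
import ast

# Constructed rule set, kept apart from the code it checks (stands in for an external rule file).
RULES = {
    "sources": {"input", "read_card_number"},  # calls whose result is tainted
    "sinks": {"log", "print"},                 # calls that must not receive tainted data
    "sanitizers": {"mask"},                    # calls whose result is considered clean
}

# Constructed sample program to analyse (hypothetical function names).
SAMPLE = '''
card = read_card_number()
name = "order 17"
masked = mask(card)
msg = "paid with " + card
log(name)
log(masked)
log(msg)
'''

def call_name(node):
    """Return the callee name for a plain call like f(...), else None."""
    if isinstance(node, ast.Call) and isinstance(node.func, ast.Name):
        return node.func.id
    return None

def is_tainted(expr, tainted, rules):
    """An expression is tainted if any part of it derives from a source."""
    name = call_name(expr)
    if name in rules["sanitizers"]:
        return False
    if name in rules["sources"]:
        return True
    if isinstance(expr, ast.Name):
        return expr.id in tainted
    return any(is_tainted(c, tainted, rules) for c in ast.iter_child_nodes(expr))

def check(source, rules):
    """Walk top-level statements in order; report (line, sink) for tainted sink arguments."""
    tainted, findings = set(), []
    for stmt in ast.parse(source).body:
        if isinstance(stmt, ast.Assign) and isinstance(stmt.targets[0], ast.Name):
            target = stmt.targets[0].id
            if is_tainted(stmt.value, tainted, rules):
                tainted.add(target)
            else:
                tainted.discard(target)  # reassignment with clean data clears taint
        for node in ast.walk(stmt):
            if call_name(node) in rules["sinks"] and any(
                    is_tainted(a, tainted, rules) for a in node.args):
                findings.append((node.lineno, call_name(node)))
    return findings
```

Changing the rule set changes the findings without touching the analysed code: removing `mask` from `sanitizers` makes `log(masked)` a finding as well.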