Stefano Mazzocchi wrote:
> You guys seem to fail a simple programming practice that is used to
> "defend" yourself from such API abuses: make the Mail constructors and
> all the methods you don't want the mailet to mess with private.
>
> If you need another instance, then you pass thru a factory but you need
> to get the instance of the factory and this instance is provided to you
> if you are entitled to do this job.
>
> I still don't get it.

There's nothing wrong with the Mail constructor or hidden methods
getting called. The problem is the notion you suggested of having the
MailServlet/Mailet service method return a Mail object. We don't care
about creating extra instances... any of restrictions. My point is if
you make the API,

    public Mail service(Mail mail)

then a servlet can return a new instance of a Mail object to the middle
of the processing pipe (which I think is bad), and then you'll also have
people wanting,

    public Mail[] service(Mail mail)

(we've already had requested and discussed issues like this). A servlet
is completely within its rights to construct 500 Mail objects...
but they should have to add that to the top of the spool (using a
provided API call), not by returning it from the service method.

Ok, I just had another really bad idea... do we want to apply a special
security manager to MailServlets/Mailets that restricts what they can do
(send X many messages, view only this part of the hard drive, not access
any parts of the network)? I remember long ago they tried to apply
security manager restrictions to servlets, and that failed because
people wanted complete control. Again, something to table for a while,
but maybe we can bring it up again later. Then an admin can add mail
servlet components and know they won't abuse the system.

Serge Knystautas
Loki Technologies
http://www.lokitech.com/
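
The design argued for in the reply above, as an added Java sketch that is not part of the original message and not any project's actual API: the service method returns nothing, new mail can only enter through a container-provided spool call, and that call is where a "send X many messages" limit can be enforced. All names here (MailetPipelineSketch, SpoolContext, QuotaSpool, addToSpool) and the quota of 3 are hypothetical.

```java
import java.util.ArrayDeque;
import java.util.Deque;

public class MailetPipelineSketch {
    // Hypothetical stand-in for the Mail type discussed in the thread.
    static final class Mail {
        final String subject;
        Mail(String subject) { this.subject = subject; }
    }

    // The only path by which a mailet can introduce new mail.
    interface SpoolContext {
        void addToSpool(Mail mail);
    }

    // service() returns void, so a mailet cannot hand a substitute or extra
    // Mail back into the middle of the processing pipe.
    interface Mailet {
        void service(Mail mail, SpoolContext ctx);
    }

    // Container-side spool handle enforcing a per-invocation quota (assumed policy).
    static final class QuotaSpool implements SpoolContext {
        private final Deque<Mail> spool;
        private final int limit;
        private int used;
        QuotaSpool(Deque<Mail> spool, int limit) { this.spool = spool; this.limit = limit; }
        @Override public void addToSpool(Mail mail) {
            if (used >= limit) throw new SecurityException("mailet exceeded spool quota of " + limit);
            used++;
            spool.addLast(mail); // enters at the spool's entry point and gets full processing
        }
    }

    public static void main(String[] args) {
        Deque<Mail> spool = new ArrayDeque<>();
        spool.add(new Mail("original")); // constructed sample message
        // A mailet that tries to create 500 messages from one input.
        Mailet noisy = (mail, ctx) -> {
            for (int i = 0; i < 500; i++) ctx.addToSpool(new Mail("copy " + i + " of " + mail.subject));
        };
        Mail current = spool.poll();
        try {
            noisy.service(current, new QuotaSpool(spool, 3));
        } catch (SecurityException e) {
            System.out.println("blocked: " + e.getMessage());
        }
        System.out.println("queued for full processing: " + spool.size());
    }
}
```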