Re: Objective-C Question
Re: Objective-C Question
- Subject: Re: Objective-C Question
- From: Theo Stauffer <email@hidden>
- Date: Tue, 23 Sep 2003 14:11:08 +0200
Hi,
I also found the responses a bit on the oversensitive side, but
hopefully everyone understands the original question now. I must admit
that I was also puzzled to find out that ObjC didn't have some of the
Java features when I started out to learn it, but this was perhaps more
naivete than anything else (I mean, C is not Java either, nor is Perl,
now is it?). That said I have been wondering about security guarantees
in languages, specifically relating to something you mentioned, that
being mobile devices. The way I see it is that mobile devices need to
offer more reliability and security than standard computers, as they
are consumer devices, and have no need of or space for anti-virus
software. Java, I think, offers fairly good security by design here, as
one can sandbox the application and the verifier will keep malicious
code out. What has often worried me a bit (although I simply know too
little, I think) about langauges which are both native and use pointers
is that pointers offer a good opportunity to break any security model.
Or do I misunderstand this?
-Theo
On Tuesday, September 23, 2003, at 01:25 am, Steve Ehrenfried wrote:
--- Jeff Galyan <email@hidden> wrote:
I don't want to start another avalanche of mail on
this. I do have to
respond that just because the original poster used
Java as an example of
things that he is looking for in ObjC, that does not
necessarily mean he was
asking why ObjC isn't Java. I took his question to
be more along the lines
of "do these features exist in ObjC, and if so, how
do I use them? If not,
why not?" At no point did the original poster say
anything even remotely
like "ObjC is stupid and so are you." Several
respondents have done so
regarding Java (or C++, even).
Thanks Jeff, that was exactly what I meant by those
questions; I'm glad some people got it.
All I can say is that until you've worked with certain
types of applications, it might not be clear why a
certain feature is built into the language. It's very
hard to do a general-purpose programming language well
so that it easily works with a wide variety of
application areas. I don't think you can design a
language without at least having certain types of
applications in mind for it. I also don't think you'll
ever have one language that's perfect for every
situation.
Since a number of posters declared "final"
methods/classes to be a "useless feature", allow me to
explain why it might be useful. I've seen this feature
in at least two languages, Java and Telescript (from
the now-deceased General Magic organization). Both of
these languages are/were interpreted, object-oriented
languages that had some level of support for mobile
code. Telescript was a special-purpose language for
developing mobile agents (an agent in this context is
a lightweight thread that can travel between various
Telescript virtual machines residing on different
nodes in a network), and Java also has some built-in
support for "one-hop" agents (applets). So, the
languages needed various security features so that
mobile agents could not be hacked into viruses/worms,
the main fear of mobile code.
One such security safeguard was to make certain
pre-defined classes and methods "sealed" or "final; in
other words, you're allowed to use a certain object by
sending it messages, but you can't override or modify
that object's pre-determined behavior. So, in a way it
enforces a containment and/or using relationship
between the classes, but disallows an inheritance
relationship.
The very fact that the code is interpreted inside a
virtual machine adds one level of security. When you
have a virtual machine regulating the behavior of
objects which have travelled into a VM from a remote
(and possibly untrusted) source, you can't let the
visiting objects change the behavior of the host VM. I
hope it should be pretty clear as to why you don't
want to allow this. Language-enforced security is one
approach to solving this problem.
That said, it appears to me that Obj C would not be a
good language for developing mobile agents, which is
not necessarily a flaw since it probably wasn't
intended for that; Java and Telescript were. From what
I can tell, Obj C was mostly intended for desktop GUI
applications, for which it works well. So any argument
as to whether one language is better than another only
makes sense in the context of what you're trying to
use that language for.
FWIW, here's a URL to a post that should clarify the
urban legend about Gosling, Java and Objective-C:
http://www.isse.gmu.edu/~ofut/classes/432/Resources/java-objc.html
-Steve
__________________________________
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
http://sitebuilder.yahoo.com
_______________________________________________
cocoa-dev mailing list | email@hidden
Help/Unsubscribe/Archives:
http://www.lists.apple.com/mailman/listinfo/cocoa-dev
Do not post admin requests to the list. They will be ignored.
_______________________________________________
cocoa-dev mailing list | email@hidden
Help/Unsubscribe/Archives:
http://www.lists.apple.com/mailman/listinfo/cocoa-dev
Do not post admin requests to the list. They will be ignored.