comp.lang.ada
From: "Dmitry A. Kazakov" <mailbox@dmitry-kazakov.de>
Subject: Re: 'Protected' abstract subprograms
Date: Thu, 16 Jan 2014 09:52:48 +0100
Message-ID: <1u5t5vkgmmrby.18yvkd683amoj$.dlg@40tude.net>
In-Reply-To: wcck3e18he0.fsf@shell01.TheWorld.com

On Wed, 15 Jan 2014 09:11:03 -0500, Robert A Duff wrote:

> "Dmitry A. Kazakov" <mailbox@dmitry-kazakov.de> writes:
> 
>> Yep, that's what I meant by "cooperative" privacy. For many
>> applications, and their number is growing rapidly, a "non-cooperative"
>> privacy is needed as well.
> 
> Well, in a language that allows Unchecked_Conversion, address clauses,
> machine code inserts, etc., I don't see any way to achieve
> non-cooperative privacy within a single process.

Using memory protection and routing certain calls through the sealed RTL.
Just the way most OSes do it. Of course the RTL could use certain OS services
for that, like it does in the case of tasks mapped on system threads. E.g.
a part of the RTL could be implemented as a driver etc.

> You can achieve it
> in Ada via remote procedure calls, though.

Yes, though using a network connection is much overhead compared to
switching contexts. Furthermore, RPC is a procedural paradigm unsuitable for
the purpose of privacy in an OO language like Ada, much too heavyweight.

As a challenge for uncooperative privacy, consider a User_Credentials object.
Its implementation would store the password inaccessible other than
through the operations provided. The instances are kept on memory pages
unmapped for the rest of the program. The bodies of the operations run in
another context, which is switched upon the call. The call also validates
the object's 'reference' and converts it to the true address.

Though from the programmer's perspective semantically the difference from
protected objects Ada already has is not that big, if any.

-- 
Regards,
Dmitry A. Kazakov
http://www.dmitry-kazakov.de
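
An added C example (not code from the thread) of the User_Credentials design described in the message above: the password sits on pages kept PROT_NONE outside the operations, and callers hold only an opaque reference that is validated before it is converted to an address. All names are hypothetical and POSIX mprotect is assumed; because everything stays in one process, the page protection only stands in for the separate context the message calls for.

```c
#include <stdint.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>
#define SLOTS 8u            /* power of two: low bits of a reference carry the slot */
#define PW_MAX 64u          /* bytes per slot; passwords up to PW_MAX - 1 bytes */
typedef uint64_t cred_ref;  /* opaque reference handed to callers; 0 = invalid */

/* Sealed storage: PROT_NONE except while one of the operations below runs. */
static _Alignas(65536) unsigned char vault[65536];
static cred_ref live[SLOTS];  /* reference table (would live in the other context) */
static uint64_t counter;      /* constructed tag source; use a CSPRNG in practice */
static int seal(int prot) { return mprotect(vault, sizeof vault, prot); }
int vault_init(void) { return seal(PROT_NONE); }

/* Validate the reference and convert it to the true address, or NULL. */
static unsigned char *resolve(cred_ref r) {
    return (r != 0 && live[r % SLOTS] == r) ? vault + (r % SLOTS) * PW_MAX : NULL;
}

cred_ref cred_create(const char *pw) {
    size_t n = strlen(pw);
    for (unsigned s = 0; n < PW_MAX && s < SLOTS; s++) {
        if (live[s] != 0 || seal(PROT_READ | PROT_WRITE) != 0) continue;
        memcpy(vault + s * PW_MAX, pw, n);  /* slot is still zero-filled */
        seal(PROT_NONE);
        counter += 0x9e3779b97f4a7c15ull;
        return live[s] = (counter & ~(uint64_t)(SLOTS - 1)) | s;
    }
    return 0;
}

/* 1 = match, 0 = mismatch, -1 = bad reference. The secret is never returned. */
int cred_check(cred_ref r, const char *candidate) {
    unsigned char *p = resolve(r), buf[PW_MAX] = {0};
    unsigned char diff = strlen(candidate) >= PW_MAX;  /* too long never matches */
    if (p == NULL || seal(PROT_READ) != 0) return -1;
    strncpy((char *)buf, candidate, PW_MAX - 1);
    for (unsigned i = 0; i < PW_MAX; i++) diff |= (unsigned char)(p[i] ^ buf[i]);
    seal(PROT_NONE);
    return diff == 0;
}

/* Probe: the kernel refuses to read a sealed page on our behalf (EFAULT). */
int vault_sealed(void) {
    int fd[2], sealed;
    if (pipe(fd) != 0) return -1;
    sealed = write(fd[1], vault, 1) < 0;
    close(fd[0]); close(fd[1]);
    return sealed;
}
```

Any code in the same process can call mprotect itself, which is the objection quoted above about a single process; the sealed RTL or driver the message proposes is what would take that ability away.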

