From: "Dmitry A. Kazakov" <mailbox@dmitry-kazakov.de>
Subject: Re: Securing type extensions
Date: Thu, 16 Sep 2010 14:45:31 +0200
Date: 2010-09-16T14:45:31+02:00 [thread overview]
Message-ID: <9d43s5gucfe8.1llq6tdbd4e0h.dlg@40tude.net> (raw)
In-Reply-To: 4c920504$0$6767$9b4e6d93@newsspool3.arcor-online.net
On Thu, 16 Sep 2010 13:52:36 +0200, Georg Bauhaus wrote:
> On 16.09.10 09:47, Dmitry A. Kazakov wrote:
>
>>> Certainly, and a "plan" suffices as an example, if you agree
>>> that perfect technical specifications of what (again, just for the
>>> sake of an example) a type writer expects an extension writer to
>>> do are not always possible. (Which I understand you do.)
>>
>> That is not the type writer.
>
> Party X made a library, L, of O-O types, abstract or not.
> Party Y extends a type in L, say T
>
> I'm talking about how X and Y can trust each other before
> X licenses the library and before Y writes an extension.
They need not.
> What technical factors of a language's type extension mechanism
> will likely make X and Y be more confident that nothing will
> go wrong?
None, not needed, impossible anyway.
>>> The issue is related to trust, and to type extension, and it is an
>>> existing challenge.
>>> Call it poor design on the part of Python framework writers, if that
>>> is what it seems to be. But since the framework exists as a foundation
>>> for real software, it does affect multi-party work. We can't always
>>> control the parent types, and must see if we can find it trustworthy.
>>
>> and the point is?
>
> The point is to fathom the dark waters of software development
> from multiple components, of possibly closed source:
> Is there anything in Ada that acts like a flash light when
> compared to more dynamic languages?
Separation of interface and implementation. Strong, static, manifested
typing. Static analysis. Least assumption design principle.
> Facilities of Ada that makes
> one feel more secure when extending a type?
Classes consistently mapped onto types.
> (You remember the story often told about Roman bridge builders
> having to stand under their new bridge on opening day. Just to
> illustrate trust.)
Huh, it is the pedestrians to stay under the bridge. For the most recent
example see:
http://www.wired.com/threatlevel/2010/09/first-sale-doctrine/
>> The way you described it, trust has no physical meaning.
>
> When you sign a contract with your name, then this is quite physical.
If only signatures could make programs working...
> When you pay, or don't pay, this is easily measured.
Measured what? Do you trust Microsoft?
>> It is a
>> psychological phenomenon, not a subject of CS and SW engineering.
>
> Psychology, politics, ambition and money are undoubtably parts of
> SW engineering, steering the decisions. They are essential to
> engineering in general.
As a framework they are. That does not make them engineering.
> This famous rocket did not have an O-ring suitable for the range of
> temperatures, they say, and then it exploded. There had been some
> protest before the parts were composed to form the rocket. An example
> showing that engineering is not just about technical formulas.
Which was a perfect example of the opposite - of how engineering was
defeated by trust. They trusted in that the rocket would not explode.
People used to trust in silly things. Engineers are those who do not trust.
--
Regards,
Dmitry A. Kazakov
http://www.dmitry-kazakov.de
next prev parent reply other threads:[~2010-09-16 12:45 UTC|newest]
Thread overview: 107+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-09-12 10:18 Preventing type extensions Florian Weimer
2010-09-12 11:59 ` Ludovic Brenta
2010-09-12 12:53 ` Florian Weimer
2010-09-12 21:23 ` Maciej Sobczak
2010-09-13 5:32 ` Florian Weimer
2010-09-13 7:13 ` Dmitry A. Kazakov
2010-09-13 9:19 ` Georg Bauhaus
2010-09-13 9:42 ` Dmitry A. Kazakov
2010-09-13 10:23 ` Niklas Holsti
2010-09-13 12:55 ` Cyrille
2010-09-13 13:55 ` Dmitry A. Kazakov
2010-09-13 21:13 ` J-P. Rosen
2010-09-21 13:57 ` Cyrille
2010-09-21 14:19 ` Dmitry A. Kazakov
2010-09-21 14:44 ` Cyrille
2010-09-21 16:25 ` Dmitry A. Kazakov
2010-09-21 17:11 ` Georg Bauhaus
2010-09-21 18:11 ` Dmitry A. Kazakov
2010-09-23 20:00 ` Simon Wright
2010-09-23 20:49 ` Dmitry A. Kazakov
2010-09-24 9:10 ` Georg Bauhaus
2010-09-24 10:24 ` Dmitry A. Kazakov
2010-09-24 13:30 ` Niklas Holsti
2010-09-24 16:27 ` Dmitry A. Kazakov
2010-09-24 17:47 ` Niklas Holsti
2010-09-24 19:42 ` Dmitry A. Kazakov
2010-09-21 14:32 ` J-P. Rosen
2010-09-21 15:02 ` Cyrille
2010-09-21 15:26 ` J-P. Rosen
2010-09-21 16:18 ` Cyrille
2010-09-22 8:01 ` J-P. Rosen
2010-09-22 17:28 ` Cyrille
2010-09-22 19:30 ` Ludovic Brenta
2010-09-22 19:51 ` Florian Weimer
2010-09-22 20:14 ` Dmitry A. Kazakov
2010-09-22 20:25 ` Florian Weimer
2010-09-22 20:38 ` Dmitry A. Kazakov
2010-09-22 21:25 ` Vinzent Hoefler
2010-09-22 21:20 ` Georg Bauhaus
2010-09-22 20:16 ` Ludovic Brenta
2010-09-22 20:34 ` Florian Weimer
2010-09-22 22:45 ` Britt Snodgrass
2010-09-23 8:02 ` Ludovic Brenta
2010-09-23 16:51 ` Pascal Obry
2010-09-23 18:37 ` Florian Weimer
2010-09-23 18:55 ` Pascal Obry
2010-09-23 20:28 ` Ludovic Brenta
2010-09-24 9:20 ` Ludovic Brenta
2010-09-24 14:49 ` Simon Wright
2010-09-24 15:09 ` Ludovic Brenta
2010-09-24 16:21 ` Robert A Duff
2010-09-25 7:10 ` Pascal Obry
2010-09-25 12:03 ` Brian Drummond
2010-09-24 8:16 ` J-P. Rosen
2010-09-24 8:39 ` Cyrille
2010-09-24 9:27 ` Cyrille
2010-09-29 16:47 ` J-P. Rosen
2010-09-30 10:08 ` Cyrille
2010-10-05 17:02 ` J-P. Rosen
2010-10-08 7:50 ` Cyrille
2010-10-08 13:58 ` Cyrille
2010-10-08 20:12 ` Dmitry A. Kazakov
2010-10-11 7:57 ` Cyrille
2010-10-11 8:24 ` Dmitry A. Kazakov
2010-10-12 5:23 ` Shark8
2010-10-13 9:06 ` J-P. Rosen
2010-10-13 17:37 ` Cyrille
2010-10-13 18:50 ` Dmitry A. Kazakov
2010-09-21 14:50 ` (see below)
2010-09-21 17:37 ` Cyrille
2010-09-21 19:07 ` (see below)
2010-09-13 13:05 ` Dmitry A. Kazakov
2010-09-13 20:21 ` Niklas Holsti
2010-09-13 21:00 ` Dmitry A. Kazakov
2010-09-13 21:10 ` J-P. Rosen
2010-09-14 12:16 ` Niklas Holsti
2010-09-14 16:46 ` Dmitry A. Kazakov
2010-09-14 18:08 ` Niklas Holsti
2010-09-14 18:32 ` Niklas Holsti
2010-09-15 8:18 ` Dmitry A. Kazakov
2010-09-14 17:04 ` J-P. Rosen
2010-09-13 15:12 ` Securing type extensions (was: Preventing type extensions) Georg Bauhaus
2010-09-13 15:29 ` Securing type extensions Dmitry A. Kazakov
2010-09-13 17:23 ` Simon Wright
2010-09-13 20:22 ` Georg Bauhaus
2010-09-13 20:41 ` Dmitry A. Kazakov
2010-09-14 10:02 ` Georg Bauhaus
2010-09-14 12:22 ` Dmitry A. Kazakov
2010-09-14 21:18 ` Georg Bauhaus
2010-09-15 8:15 ` Dmitry A. Kazakov
2010-09-15 20:47 ` Georg Bauhaus
2010-09-16 7:47 ` Dmitry A. Kazakov
2010-09-16 11:52 ` Georg Bauhaus
2010-09-16 12:45 ` Dmitry A. Kazakov [this message]
2010-09-16 20:53 ` Georg Bauhaus
2010-09-16 21:37 ` Dmitry A. Kazakov
2010-09-17 8:45 ` Georg Bauhaus
2010-09-17 9:39 ` Dmitry A. Kazakov
2010-10-05 5:59 ` Randy Brukardt
2010-09-13 18:32 ` Preventing " Florian Weimer
2010-09-13 20:30 ` Dmitry A. Kazakov
2010-09-22 19:41 ` Florian Weimer
2010-09-22 20:34 ` Dmitry A. Kazakov
2010-09-22 21:10 ` Georg Bauhaus
2010-09-17 0:16 ` Shark8
2010-09-17 7:04 ` AdaMagica
2010-09-17 21:05 ` Shark8
replies disabled
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox