On Aug 22, 2006, at 5:27 PM, Ron Teitelbaum wrote:

> I was worried that someone would transfer my object to another  
> image before
> it shut down with some distributed object framework; I wanted to  
> prevent
> that by having the image access some data outside the image itself.  I
> suppose that an external file containing a UUID would have the same  
> effect,
> but would add to support problems.  It is a good thought.

That's why I asked about trusted vs. untrusted code.

It seems like there are 3 levels of paranoia here:

Blasé: Do the simple thing, and if we find a situation where that  
causes problems, fix them.

Cautious: Protect against accidentally transmitting the id by  
accident as might happen with code that blindly reflects over the  
entire system. Your remote string idea probably fits the bill here.

Tinfoil Hat: Protect against malicious code in the image actively  
searching out and transmitting the id so as to defeat your security.  
Tough to do in Smalltalk.

How paranoid are you?

Colin