Are the classes aware of their namespace? In which case, your security might be broken
AnyPublicClass namespace class allInstances detect: [:e | e name = #Smalltalk].
Anyway, no need for namespace at all, just a:
(AnyPublicClass withAllSuperclasses last allSubclasses detect: [:e | e name = #SystemDictionary]) allInstances etc...
Sorry, you might have to restrict available messages too...
Michael van der Gulik a écrit :
Naming collisions aren't my concern.
I want to be able to load untrusted code and run it, securely.
This means that I need a unit for loading remote code, thus the package was born. It also means I need to have complete control over what that remote code has access to. If you give untrusted code access to the global SystemDictionary, it has access to everything (which I consider bad practice). To solve this, I've been working on a design for Namespaces that lets a code loader show a certain amount of discretion about what a package has access to ( i.e. the import lists).
Answering your points directly, I'm hoping that my tools will not be that difficult to use so that even power users can use them. The import lists should usually be automatically populated by the NamespaceBrowser.
As with smaller images, naming collisions only require two loaded packages to happen (even on the smallest image), and I'd find it pretty damn annoying if they happen for 1% of all class names. That's every third or fourth package.
Gulik.