[squeak-dev] #clearCredentials vs. ModificationForbidden
Tobias Pape
Das.Linux at gmx.de
Sat Jun 6 08:47:28 UTC 2020
> On 06.06.2020, at 08:01, Marcel Taeumel <marcel.taeumel at hpi.de> wrote:
>
> Collection >> #wipeAllFromMemory would be nice to have. :-D Could be a combination of atAllPut: and #removeAll. And deal with ModificationForbidden.
>
I think this is hard to do in a general case (think Intervals?) and is a bit mushy between system-level programming and breaking object-oriented encapsulation.
A dedicated, wipeable Password-safe storage would be better. Thinking of it, we could go a step further and give it an interface such that the clear text of a password is passed on only in minimal contexts to fool memory snooping.
Best regards
-Tobias
> Best,
> Marcel
>> Am 05.06.2020 21:11:30 schrieb Jakob Reschke <forums.jakob at resfarm.de>:
>>
>> Hmm so I was obviously wrong. I understand why, if I think what
>> happens to a method's string literal if you becomeForward: it... And
>> actually since Spur this would really write something to the object's
>> memory space, despite my assumption.
>>
>> So why are these immutable? Because you specify a repository with an
>> evaluable constructor snippet, which has the credentials as string
>> literals, correct? Can't we just copy these arguments in the
>> constructors/setters, to make them "owned" and mutable?
>>
>> Am Fr., 5. Juni 2020 um 19:36 Uhr schrieb Thiede, Christoph
>> :
>> >
>> > This does not work for me:
>> >
>> >
>> > x := 'x'.
>> > x beReadOnlyObject.
>> > y := ''.
>> > x becomeForward: y copyHash: false.
>> >
>> > Still raises a ModificationForbidden.
>> >
>> >
>> > Best,
>> >
>> > Christoph
>> >
>> > ________________________________
>> > Von: Squeak-dev im Auftrag von Jakob Reschke
>> > Gesendet: Freitag, 5. Juni 2020 19:31:30
>> > An: The general-purpose Squeak developers list
>> > Betreff: Re: [squeak-dev] #clearCredentials vs. ModificationForbidden
>> >
>> > With copyHash: false, I hope you can. It should not touch the original
>> > object, which is to be discarded anyway.
>> >
>> > Am Fr., 5. Juni 2020 um 19:24 Uhr schrieb Thiede, Christoph
>> > :
>> > >
>> > > > Use becomeForward: and collect garbage?
>> > >
>> > >
>> > > Afaik you cannot forward a read-only object?
>> > >
>> > > ________________________________
>> > > Von: Squeak-dev im Auftrag von Jakob Reschke
>> > > Gesendet: Freitag, 5. Juni 2020 17:53:30
>> > > An: The general-purpose Squeak developers list
>> > > Betreff: Re: [squeak-dev] #clearCredentials vs. ModificationForbidden
>> > >
>> > > Use becomeForward: and collect garbage?
>> > >
>> > > Marcel Taeumel schrieb am Fr., 5. Juni 2020, 16:27:
>> > >>
>> > >> Hi all!
>> > >>
>> > >> How to update MCHttpRepository >> #clearCredentials?
>> > >>
>> > >> clearCredentials
>> > >> user ifNotNil: [user atAllPut: $x].
>> > >> password ifNotNil: [password atAllPut: $x].
>> > >> user := password := String empty
>> > >>
>> > >> Make those strings not be read-only?
>> > >>
>> > >> Best,
>> > >> Marcel
>> > >>
>> > >
>> >
>> >
>>
>
More information about the Squeak-dev
mailing list
|