September 29, 2005
Privacy and the Snake

There's rather an interesting thread going on over on c.l.py about private attributes and Python. It gave me the opportunity to post a link to one of my favourite c.l.py posts of all time, the Martellibot's wonderful essay decrying the "principle of least privilege". It should, as Steven D'Aprano says, be required reading for all developers, regardless of platform.

Also in the thread, the effbot comes to my defense on the subject of the rationale behind Python's name mangling feature, and links to a fascinating thread from the depths of Python's history in which the feature is originally discussed, and which contains this from Guido: "Python is an experiment in how much freedom programmers need. Too much freedom and nobody can read another's code; too little and expressiveness is endangered". Poetry.
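An added example, not from the original post or the linked threads: name mangling keeps a subclass's `__balance` from clobbering its parent's, yet the mangled name stays reachable from anywhere, so it is a naming aid rather than an access control. The classes, `mangled_names`, `outside_mangled_access` and the sample source are constructed for illustration, and the checker is a heuristic that only sees attribute access written out in source (not `getattr` with a string).

```python
import ast
import re

# Matches a written-out mangled name such as _Account__balance.
MANGLED = re.compile(r"^_([A-Za-z]\w*?)__\w+$")

class Account:
    def __init__(self, balance):
        self.__balance = balance      # compiled as self._Account__balance

    def balance(self):
        return self.__balance

class AuditedAccount(Account):
    def __init__(self, balance):
        super().__init__(balance)
        self.__balance = "n/a"        # _AuditedAccount__balance: no clash with the parent

def mangled_names(obj):
    """Instance attributes whose stored name is a mangled one, sorted."""
    return sorted(name for name in vars(obj) if MANGLED.match(name))

class _Finder(ast.NodeVisitor):
    def __init__(self):
        self.classes, self.hits = [], []

    def visit_ClassDef(self, node):
        self.classes.append(node.name.lstrip("_"))
        self.generic_visit(node)
        self.classes.pop()

    def visit_Attribute(self, node):
        m = MANGLED.match(node.attr)
        # The AST keeps the unmangled spelling for self.__x, so a literal
        # _Class__x found here was typed out by hand.
        if m and m.group(1) not in self.classes:
            self.hits.append((node.lineno, node.attr))
        self.generic_visit(node)

def outside_mangled_access(source):
    """(line, attribute) pairs that reach into a class's mangled names from outside it."""
    finder = _Finder()
    finder.visit(ast.parse(source))
    return finder.hits

# Constructed sample input for the checker.
SAMPLE = "class Account:\n    def get(self):\n        return self.__balance\n\ndef peek(acct):\n    return acct._Account__balance\n"
```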

BTW, do any Java-heads out there know whether or not cglib allows you to bypass private and protected?

Posted to Python by Simon Brunning at September 29, 2005 03:42 PM
Comments

I discovered last night that an old friend of mine is another Python nerd. Unfortunately he also lives in Northampton. Do Python nerds meet up in Northampton?

Posted by: Katherine on September 29, 2005 04:26 PM

Nerd? I? How very dare you!

Err, Nottingham, I have no idea. Is he on the UK mailing list?

If not, give me a shout if he ever visits civilisation, err, sorry, I mean London. I'm hoping to organise Python booze ups monthly or thereabouts, so perhaps he could come to one of those.

Posted by: Simon Brunning on September 29, 2005 05:01 PM

Not sure you need cglib to bypass private/protected - I'm 95% sure XStream does this by reaching into the com.sun.misc stuff (or whatever) in a nasty "Not Officially Supported By Java" way. XStream can quite happily write out private (obviously non-transient) fields in this way.

Posted by: Sam Newman on September 29, 2005 05:41 PM

Because CGLIB works by subclassing (foiled by final classes, FWIW), you cannot use it to gain access to private or protected members of existing objects. For new objects you can certainly expose the protected members via a public subclass method, but you don't need CGLIB to do that. It is also possible to read some private field values by mucking around with serialization.

Posted by: Chris Nokleberg on September 29, 2005 06:53 PM

In fact you can override accessibility from within Java using introspection - CGLIB is not needed. See java.lang.reflect.AccessibleObject.setAccessible(). Jython actually provides this as a feature - if you define the System property python.security.respectJavaAccessibility=false then your Jython program can access non-public members of any Java object!

Posted by: Kent Johnson on September 30, 2005 11:07 AM