[Grace-core] Built-in egality
Michael Homer
mwh at ecs.vuw.ac.nz
Fri Dec 13 19:51:32 PST 2013
On Sat, Dec 14, 2013 at 4:31 PM, Michael Homer <mwh at ecs.vuw.ac.nz> wrote:
> On Fri, Dec 13, 2013 at 6:09 PM, Andrew P Black <black at cs.pdx.edu> wrote:
>> What should Grace's built-in egality method do when asked to compare two objects of different classes?
>>
>> The current implementation seems to try to examine the fields in the other object, which fails if they are confidential (e.g., if they are defs). Even if this worked, it would be wrong, because the two classes might use the fields in quite different ways. The motivating example is range.from()to() and range.from()downTo(), which obviously do different things with the fields start and stop.
> This didn't get updated with the change of default visibility. I have
> fixed that now (c3443d0).
When I think about it, the existence of a confidential field should
presumably be an immediate "false" too. Otherwise the value can leak
out when egal calls == on an untrusted object, assuming you can
actually override it.
-Michael
More information about the Grace-core
mailing list