Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Does variable privacy actually have anything to do with security or is it just for programming convenience?

For years I have been programming and I think I even understand the difference between public, private and protected for the most part, however are these names simply misleading? Are these levels of visibility only to help us not trip over our own toes? Many languages I have programmed do not seem to enforce most of these rules and I've never heard of a hacker breaking into a system because one of your variables was not marked private.

I would love to know this it has been bothering me for many years.

like image 899
NickJ Avatar asked Jan 18 '23 21:01

NickJ


1 Answers

A hacker can access a private variable if they can compute memory offsets correctly. Not too hard.

These access controls cover a broader and generally different class of errors. Better encapsulation simplifies code and makes it easier to reason about, which clears the path for spotting other mistakes which are security problems. (That is, it indirectly helps security.)

Code which is harder to break on purpose is probably harder to break by accident, too :-)

like image 79
spraff Avatar answered Jan 31 '23 00:01

spraff