0

i'm just try to understand what is the meaning of loophole in programming and i searched and some web result shows that it is releted to low level security.

i read this to understand but i couldn't able to understand this link

and i found this on web

The major loop hole in java is that it breaks the security rules. Here in java we can access the private data menmbers of any class outside the class very easily.

can anyone explain this loophole with program. i'm so confused.

Shanti Lal Prajapat
  • 31
  • 7
  • Look up "java reflection" – MadProgrammer Aug 23 '21 at 03:43
  • 2
    They certainly mean Java's reflection. I am not sure why they try to make it sound like something terrible, though. – Sergey Kalinichenko Aug 23 '21 at 03:43
  • It's not limited to Java either. C# also supports reflection. – Vince Aug 23 '21 at 03:48
  • 2
    Access modifiers are there to guard against *unintentional* access that breaks your design. Not to guard against fraud or anything. So whether you call access to private members through reflection a loophole or not, it is there by conscious design. – Ole V.V. Aug 23 '21 at 04:53
  • @OleV.V. please correct me, if i'm wrong so if i use private member outside the class with the methods then it is part of loophole. – Shanti Lal Prajapat Aug 23 '21 at 13:08
  • @ShantiLalPrajapat You are correct, we believe that that is what your source means by loop hole. They consider that an issue with Java, and they are 100 % entitled to that opinion. I am only saying that I can’t make sense of talking about *security rules* in this context since access modifiers were never about security. – Ole V.V. Aug 23 '21 at 17:56
  • Since ages, Java contains a security manager. I can only think of that per default it is not active while it may be activated at any time. https://docs.oracle.com/javase/8/docs/api/java/lang/SecurityManager.html – Queeg Aug 23 '21 at 20:59
  • @OleV.V. so what do you think this is big problem or not because it breaks the java encapsulation concept. – Shanti Lal Prajapat Aug 24 '21 at 19:56
  • Since you ask, *breaks* is too strong of a word for me here. This part of the design of the Java language has advantages and drawbacks. I may see a small problem, not one that matters in practice and certainly not a big one. – Ole V.V. Aug 25 '21 at 01:04
  • @OleV.V. okay, if you are making a banking application where you define your bank details with private keyword and with the help of reflection they can update your bank details. so can you tell me how java developer deals with that? – Shanti Lal Prajapat Aug 25 '21 at 02:50
  • 1
    Through security. I repeat, access modifiers have nothing to with security. – Ole V.V. Aug 25 '21 at 04:50
  • 1
    @OleV.V. thanx now i got this. – Shanti Lal Prajapat Aug 25 '21 at 07:16

0 Answers0