Is public by default an unsafe default?

NotYouAgain NotYouAgain at gmail.com
Thu May 2 08:05:32 UTC 2024


On Thursday, 2 May 2024 at 00:27:40 UTC, Steven Schveighoffer 
wrote:
> ..
> ...

Either I accidently made by agrument absurd, or you are 
intentionally redirecting my argument to make it sound absurd?

I was of course referring to API's in the sense the 'safety' 
extends to more than just memory safety. I'm sure you would agree 
here.

In any case, the abstract notion of safety was the inherent topic 
for this discussion, not memory safety.

So referring back to the Subject: "Is public by default an unsafe 
default?"

I'd have to say yes, it is, because the surface for accidents 
(and attacks) is bigger than what it would otherwise have been.

What are my chances of hacking an API that was accidently private 
(because that was the default)? I'd say my chances decrease. They 
surely don't increase.

What are my chances of accidently using a private implementation 
property/method, when the implementation is all 'public by 
default'. I'd say my chances certainly increase. They surely 
don't decrease.

A few posts ago someone mentioned liking to program in a language 
because it was public by default. But liking or not liking, is 
not related to safe or unsafe.

I don't like locking all my windows and doors.

I'd like to leave them open.

In the past, I actually often forget to do just that (in a place 
I no longer live in). The consequences? I got broken into 6 times 
(although not really broken into, since they just climbed in 
through an open window).

I'd say private by default has the same advantages (and 
disadvantages) of locked by default. But I still prefer the minor 
inconvenience of private by default.

I was pleasantly surprised that you can in fact take some control 
over this in D.

So I encourage more D programmers to do just that.


module m;
@safe:
private:

....



More information about the Digitalmars-d mailing list