>>>>> Kent M Pitman <······@world.std.com> writes:
> I've seen something written up on the conceptual deficiencies
> somewhere, I think due to something someone posted here.
to quote the answer to Q1 of the Java Object Serialization FAQ
http://java.sun.com/j2se/1.4/docs/guide/rmi/faq.html#whyserial
Indeed, our preliminary design, as reflected in the alpha API,
concluded that the default case for a class ought to be that the
objects in the class be serializable. We changed our design only
after considerations of security and correctness convinced us that
the default had to be that an object not be serialized.
the remainder of the FAQ entry goes into more detail.
--
I. M. Ikram ·····@cs.pdn.ac.lk
On 10/1/02 15:00, in article ··············@cs.pdn.ac.lk, "Ikram"
<·····@cs.pdn.ac.lk> wrote:
>>>>>> Kent M Pitman <······@world.std.com> writes:
>> I've seen something written up on the conceptual deficiencies
>> somewhere, I think due to something someone posted here.
>
> to quote the answer to Q1 of the Java Object Serialization FAQ
> http://java.sun.com/j2se/1.4/docs/guide/rmi/faq.html#whyserial
>
> Indeed, our preliminary design, as reflected in the alpha API,
> concluded that the default case for a class ought to be that the
> objects in the class be serializable. We changed our design only
> after considerations of security and correctness convinced us that
> the default had to be that an object not be serialized.
>
> the remainder of the FAQ entry goes into more detail.
I don't know whether this is what Mr Pitman was referring to, but
this is very interesting. The usual trade-off between features
and security so to speak. But not that this 'limitation' (having
to explicitly declare each potentially serializable class as such)
is a fundamental, theoretic, universal road-block. If your runtime
environment is secure/controlled (you don't communicate with anyone,
for example ;-) you can still safely "write to disk" your instance
data. They are no more at risk in your file-system than any other
data also in your file-system.
Usually, no matter what the feature you consider, security issues
will make it less useful (and more secure, we hope :).
But having roamed in the "OO-database" field for quite a while, I was
expecting some revelation, about some serialization need that couldn't
technically be covered, or that Java did wrong, or that people expected
naturally, but turned out to not be possible...
--
Jean-Fran�ois Brouillet
"Jean-Fran�ois Brouillet" <·····@mac.com> wrote in message
························@mac.com...
> But having roamed in the "OO-database" field for quite a while, I was
> expecting some revelation, about some serialization need that couldn't
> technically be covered, or that Java did wrong, or that people expected
> naturally, but turned out to not be possible...
>
Try searching on google, there have been a number of threads about it. Check
the thread "Deep Copy in Lisp" the issues are the same.
--
Coby
(remove #\space "coby . beck @ opentechgroup . com")
"Coby Beck" <·····@mercury.bc.ca> wrote:
> "Jean-Fran�ois Brouillet" <·····@mac.com> wrote:
>> But having roamed in the "OO-database" field for quite a while, I was
>> expecting some revelation, about some serialization need that couldn't
>> technically be covered, or that Java did wrong, or that people expected
>> naturally, but turned out to not be possible...
> Try searching on google, there have been a number of threads about it. Check
> the thread "Deep Copy in Lisp" the issues are the same.
Excellent reference. I particularly liked:
http://groups.google.com/groups?q=Deep+Copy+in+Lisp+group:comp.lang.lisp&hl=
en&selm=hbaker-2704970908050001%4010.0.2.1&rnum=15
Thanks for the pointer.
--
Jean-Fran�ois Brouillet