From: Alexander on
Wherever I find something on the topic, these are considered positive.
Why? I only find it time-consuming. Could you respond (preferably on
comp.programming) why it can be considered as such, but motivated,
that is without responses like "it's good software engineering
practice", "it's just better", etc... I'm a learner, and I think now
is the best time to shape out practices and priorities.
From: Christian Hackl on
Alexander ha scritto:

> Wherever I find something on the topic, these are considered positive.

The C++ FAQ explains the benefits of const correctness:
http://www.parashift.com/c++-faq-lite/const-correctness.html#faq-18.2

Const correctness makes ordinary type safety even stronger because it
restricts what you can do with an object. All arguments in favour of
ordinary type safety apply also to const correctness.


(followup-to comp.lang.c++)


--
Christian Hackl
hacki(a)sbox.tugraz.at

Milano 2008/2009 -- L'Italia chiam�, s�!
From: Öö Tiib on
On 20 juuli, 16:00, Alexander <alva...(a)gmail.com> wrote:
> Wherever I find something on the topic, these are considered positive.
> Why? I only find it time-consuming.

I have heard them named as "principle of minimal privilege" and "const
correctness".

Illustrative example: Imagine that you play classical click-around,
find-items, combine-and-use-them-to-proceed adventure game. You need
to use 5 items for winning it but the game throws at you 80 red
herring items too. Some of the items may lead you to wrong, useless
places or into inescapable situations (that game does not indicate any
way). Fun to click and try to combine them all and to use everywhere
and then to reload earlier saves and to retry? No. Most like it be
better if game does not give red herrings to them at all or gave lot
less than possible. So "more" is not always "better".

Same is with access restrictions in computer science. Anyone writing
module or class interfaces should take good care about it being
sufficient and complete for its purpose. It is done for protecting the
users of interface from need to know about various red herrings and
wrong places. Best is to give to user *only* such information and
resources and access that they need for legitimate usage purposes.
Also it is important to give them *everything* that they need for
legitimate usage purposes, otherwise they start to ask questions like
"is this game winnable at all". ;)

Of course it is initially time consuming for interface designer to
carefully arrange that access but it saves lot of time of the innocent
users of the interface. Also it gets easier when you have habit to do
it. If you write it all by yourself you may initially think that you
are the user yourself (and so not innocent) and so it does not apply
and habit is not needed. Wrong. Let me display why you are wrong there
too.

Why you write it at all? Usually it is done for fame and/or big bucks.
What is goal-reaching indicator? Popularity and/or commercial success.
Have you faced (however limited) popularity or commercial success? It
is terrible thing. The list of bugs and feature requests may grow to
hundreds or thousands despite how good effort you put up. You will see
it is hard, when you are lucky enough.

Lets say you manage alone? During maintenance your product grows over
100 000 lines of code easily in less than 5 years heroic maintenance.
100 000 lines is about the spot where you start to forget things why
you wrote that or that. Finally you are player yourself with full of
red herrings puzzle. You need to maintain it and hate it at same time.
You can not possibly manage alone.

Now comes last point. Writing interfaces lousily is bad habit. Others
do not like it. It is very hard to find allies. Very precious few can
navigate in 100 000 lines of one-man spaghetti. None of these precious
few lacks better offers or opportunities than to join you. Also it is
very hard for you to get rid of your bad habits (you have worked by
them for 5 years say).

> Could you respond (preferably on
> comp.programming) why it can be considered as such, but motivated,
> that is without responses like "it's good software engineering
> practice", "it's just better", etc... I'm a learner, and I think now
> is the best time to shape out practices and priorities.

Why you cross posted to several groups? Post into every group
individually if you need different opinions. There are lot more
languages. Each is different. For example java does not have language
elements dedicated for const correctness at all i think. However ...
general reasons why principle of minimal privileges is good to follow
are lot older than C++ or java. I think most good developers have
habit to limit access to their modules internals in one way or other.
From: Richard Heathfield on
Alexander wrote:
> Wherever I find something on the topic, these are considered positive.
> Why? I only find it time-consuming. Could you respond (preferably on
> comp.programming) why it can be considered as such, but motivated,
> that is without responses like "it's good software engineering
> practice", "it's just better", etc... I'm a learner, and I think now
> is the best time to shape out practices and priorities.

The more power you have, the easier it is to screw things up. That's why
we have admin accounts and user accounts - we use the admin account when
we must, and we're *really careful* when we do, but we use the user
account most of the time because mistakes are less costly.

const-correctness: If an object is const-qualified, a function can't
change its value. Consequently, it can't screw up the value. So we only
give functions write access to objects when we really need to (and then
we're *really careful* to ensure that they only write appropriate values
to those objects that are not const).

Least privilege: same reasoning as above (especially the admin/user
parallel). The less power you accord to a function/program/whatever, the
less it can screw things up. So, as far as is practical, you only give
the minimum privileges necessary to accomplish the task at hand.

--
Richard Heathfield <http://www.cpax.org.uk>
Email: -http://www. +rjh@
"Usenet is a strange place" - dmr 29 July 1999
Sig line vacant - apply within
From: Lew on
Öö Tiib wrote:
> Why you cross posted to several groups? Post into every group
> individually if you need different opinions. There are lot more
>

Wrong. You describe multi-posting, one of the cardinal sins of
Usenet. Cross-posting is much better.

Do not multi-post. Ever.

Cross-post only when you must, to the least number of relevant groups.

> languages. Each is different. For example java [sic] does not have language
> elements dedicated for const correctness at all i [sic] think. However ....

Wrong again, sort of. Java has 'final' which is sort of similar to
'const'.

--
Lew