
What is meant by “protection” in real OOP? - tresilience
I read up on the history of Smalltalk and Object Oriented Programming, and one thing I have not quite grasped is the idea of &quot;protection.&quot;<p>I know you can protect methods from being accessed by making them private or protected in certain programming languages but something else must be meant here.<p>Do you protect objects from being changed? Do you protect them from being &quot;talked to&quot; &#x2F; responding with valuable returns to unauthorized requests &#x2F; initial-message-senders? To what purpose?<p>And how exactly are they being protected, by what mechanism so to speak? (particularly in Smalltalk)
======
7373737373
Encapsulation[0] might be the term you are looking for. Enforcing object
boundaries makes it easier to reason about program behavior and enforce
security guarantees.

If objects can only change their own data, then all change affecting the
object is either caused by the object itself, or indirectly by another when
information crosses the interface the boundary presents (e.g. a message was
received).

Most languages use a memory model that doesn't even have the concept of access
rights, everything can potentially affect anything else. If your program has
to be secure, this is a nightmare.

[0]
[https://en.wikipedia.org/wiki/Encapsulation_(computer_progra...](https://en.wikipedia.org/wiki/Encapsulation_\(computer_programming\))

Also interesting:

[https://en.wikipedia.org/wiki/Message_passing](https://en.wikipedia.org/wiki/Message_passing)

[https://en.wikipedia.org/wiki/Capability-
based_security](https://en.wikipedia.org/wiki/Capability-based_security)

[https://en.wikipedia.org/wiki/Agent-
based_model](https://en.wikipedia.org/wiki/Agent-based_model)

[https://en.wikipedia.org/wiki/Actor_model](https://en.wikipedia.org/wiki/Actor_model)

~~~
tresilience
Thanks. I've read all links and I think I would like to see more hands-on code
regarding to how this is done in the systems (like Smalltalk) itself.

~~~
7373737373
There are two types of languages which use encapsulation: those who use it
merely as the main syntactic model (C++, Smalltalk, Java, Python) and those
who actually enforce it by managing memory access during runtime (E, Erlang).

The following might be intuitive
[https://raw.githubusercontent.com/erights/uploaded-
papers/ma...](https://raw.githubusercontent.com/erights/uploaded-
papers/master/ocap-virtual-env.pdf)

------
xkriva11
In Smalltalk, the only way how to communicate to objects is by sending
messages. The way how they react on the messages is full the responsibility of
objects, and they can refuse them. This decision is strictly late-bound
because all message passing in Smalltalk is late-bound. You may say that all
the methods in Smalltalk are "public", but it is not the very same meaning as
in other languages.

The objects store the state in instance variables. You cannot access the
instance variables of objects from outside of the object. All instance
variables are "protected" in the terminology of C++.

~~~
tresilience
> The way how they react on the messages is full the responsibility of
> objects, and they can refuse them.

Thereby any further protection is totally up to the programmer right?

~~~
xkriva11
Yes. It is actually very easy to extend Smalltalk to support private/protected
methods (message bytecode based on the protocols, for example). But Smalltalk
would need to do these checks in run-time because all message sends are late-
bound.

~~~
tresilience
Thanks! Can you point me to where I can find out more about the eval-"loop"
that the entire Smalltalk runs on?

~~~
xkriva11
Check the Blue Book:
[http://stephane.ducasse.free.fr/FreeBooks/BlueBook/Bluebook....](http://stephane.ducasse.free.fr/FreeBooks/BlueBook/Bluebook.pdf)

