Member Avatar for sujithy15

hai guys my question is regarding data protection.
conisder this program

// This class defines an integer stack that can hold 10 values.
class Stack {
int stck[] = new int[10];
int tos;
// Initialize top-of-stack
Stack() {
tos = -1;
}
// Push an item onto the stack
void push(int item) {
if(tos==9)
System.out.println("Stack is full.");
else
stck[++tos] = item;
}
// Pop an item from the stack
int pop() {
if(tos < 0) {
System.out.println("Stack underflow.");
return 0;
}
else
return stck[tos—];
}
}

in this program the tpo value and the stack size are public.
now if i give the compiles code i.e byte code to someone how can he change the value of top or size ..
how will the usage of aces specifier private prevent this harm from being done?

Edited by kvprajapati because: Added [code] tags. Encase your code in: [code] and [/code] tags.
  • 3 Contributors
  • 20 Replies
  • 244 Views
  • 9 Hours Discussion Span
  • Latest Post Latest Post by sujithy15
Member Avatar for masijade

Um, no, nothing in that class is public, not even the class itself.

Member Avatar for sujithy15

Um, no, nothing in that class is public, not even the class itself.

ok lets change it to public and now what plzz ans my doubt

Member Avatar for masijade

No, not until I see what you want as public as there is also no "tpo" or "stacksize" variables. Post code, or ask a question, that actually pertain to each other, or we cannot help you.

Member Avatar for masijade

From PM

hai i am the one who posted the question by name data protection
in the stack program that i presented
lets change the aces specifiers to public..

now all the i provide the users is a compiled code.
now what difference will the usage of private make when compared to usage of pulic.

Can the user change the value of stack size if it is public?
but how can he change?
all that he will be able to give as input is elements
HOw can he aces the public data members?


one do private prevent accesing of data maliciously?
What is meant by acesing the data values maliciousl?
how is it done?

plzz help me with these questions:confused:

Keep it in the thread

You access public data members with

WhateverClass c = new WhateverClass();
c.whateverVar = whatever;

With private members you cannot do this.

See the tutorial posted previously.

Edited by masijade because: n/a
Member Avatar for JamesCherrill

What is meant by acesing the data values maliciousl?

Malicious means with evil or bad intentions.

Member Avatar for sujithy15

sorry for the inconvenience
i will make it clear
in the program
there is a variable by name tos
it can be acesed anywhere with in the same package

now i compile the code n i give it to a user.
now what difference will it make that the variable tos is private or not

lets consider tos to be public
if so can the user change the value of tos maliciously by writing some king of code?
how can that be prevented by the usage of private?

this is what i am asking about

Member Avatar for sujithy15

mr.cherill
i am so glad for ur help.
lets say that i give u the byte code of the above stack program.
now how wil u be able to change the value of the variable tos .

u dont have the source code and u dont even know that there exits a variable by name tos.

all that u can do is enter the elements into the stack or popout the elements from the stack

so using of public or private
what differernce will it make?

u dont have source code
u dont know that there exits a variable by name tos

Member Avatar for masijade

When it is public, of course, when it is private, then only through the use of reflection. default (i.e. package) is good enough as long as you sign the packages in jars so that others cannot create classes in the same package.

Member Avatar for masijade

u dont have the source code and u dont even know that there exits a variable by name tos.

And? Reflection, and or any IDE will show it to you.

all that u can do is enter the elements into the stack or popout the elements from the stack

so using of public or private
what differernce will it make?

As already stated, public you can easily change, private you cannot.

u dont have source code
u dont know that there exits a variable by name tos

The assumption, of course, will be that if it is public, it will documented just like the methods, so you will know about. And, even if it's not, reflection and every IDE will show it to you.

Member Avatar for sujithy15

Malicious means with evil or bad intentions.

When it is public, of course, when it is private, then only through the use of reflection. default (i.e. package) is good enough as long as you sign the packages in jars so that others cannot create classes in the same package.

but to do so they have to know that there exists a variable by name tos.
how can they know that without having the source code?

Member Avatar for sujithy15

And? Reflection, and or any IDE will show it to you.

As already stated, public you can easily change, private you cannot.

The assumption, of course, will be that if it is public, it will documented just like the methods, so you will know about. And, even if it's not, reflection and every IDE will show it to you.

sir,
does it mean that the ide can show u the source code of a byte code?
then why cant we dirrectly change it ?

Member Avatar for masijade

Reflection, decompilation, javap, hell, on Unix, the strings command, not to mention that every IDE will show it to you (they can also show you the private and protected members). It is not a secret. The format of the byte code is publicly available, and so there are many ways to read it, and many ways to change it. Do not consider these access modifiers to be real world security measures.

Member Avatar for sujithy15

mr. masijade u really clarified my doubt except one thing .
if using an ide if i see the source code of a class( actually i am a user of the program only and the class was made by some other programmer)
can i manully change the acces specifier of a variable which is private to public?

Member Avatar for masijade

I never said you see the source code (although with decompilation, you do, at least a "compatible" version of it). You see it's declared members and declared methods and declared constructors.

Edit: I.E. their "names", their types, their access level, and their parameters (with type).

Edited by masijade because: n/a
Member Avatar for sujithy15

mr. masijade
so using ide we can see what access specifiers are used with the variables
if it is private it is not possible to access it
if it is public
we can write a few lines of code and accesss the data present in the class
is that it?

Member Avatar for masijade

If it is public you can just directly access it (as shown above), if it is private reflection can still retrieve and/or modify it's value (definately not recommended), and with some libraries (E.G. BCEL) you can actually change the binary class definition (also, definately, not recommended), and all of this whether you are using an IDE or not, an IDE simply presents it to you without you having to dig for it yourself. I.E., an IDE makes it simpler, as with so many other things.

Edited by masijade because: n/a
Member Avatar for sujithy15

sir
if that is the case then it doesnt make any difference if i am using private or not
when one can change even private content
what is the use of private?

Member Avatar for masijade

You can only change private members with a lot of effort, and none of them are recommended. Like I said, do not confuse access modifiers with real world security. That is the last time I am going to say it. Go through that posted tutorial and read the The Java Language Specification for more detail. I'm sorry, but I'm done here.

Member Avatar for sujithy15

thank you so much
but once last question
is changing private values posible using traditional java
i.e without any ide or extra tools?

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.