undefined | Better HN

0 pointsdragonwriter9y ago0 comments

> How is this enforced? What exactly happens at runtime if a guild tries to manipulate an object that belongs to another? (Absent a compile-time check, this is always a possibility.)

It would seem that:

(1) Guild ownership would have to be tracked in the runtime, obviously.

(2) Any access from Ruby code in the runtime, the runtime would also know what Guild the access request came from as well as the Guild the object belonged to against which access was sought.

(3) The runtime would be required to fail in some well-defined way (presuming, raising an exception in the requester) when the rules were violated.

It should be reasonably straightforward to assure this for all accesses within the runtime, since you can just make sure that there is no method to request access which isn't always attached to the Guild that the request comes from. It may be possible to break the runtime with poorly-behaved extension code that subverts the normal mechanisms, and it may be impossible to fully protect against that, but that's pretty much always a potential with extension code.

0 comments

3 comments · 1 top-level

catnaroek9y ago· 2 in thread

How would you transfer ownership of big linked data structures? See my other comment: https://news.ycombinator.com/item?id=12455566

I'm not particularly worried about C extensions. I already know those are a lost case.

dragonwriterOP9y ago

> How would you transfer ownership of big linked data structures?

Very carefully?

More seriously, I think with guilds, what you absolutely don't want to do is build yourself into a position where you ever want to move a big linked data structure (that is, unless you know you are only going to use it in one guild, you never want to build a big linked data structure of mutable objects.)

Big structures of mutable objects should be guild local (or external, in a store that has its own controls for concurrent access.)

_ko19y ago

absolutely.

j / k navigate · click thread line to collapse