Solved

No Access Control or Constraint Checking Global Variables

Posted on 2011-03-21
5
224 Views
Last Modified: 2012-05-11
Hi

Can some one please explain with examples.


Regards
Karan Gupta
0
Comment
Question by:KaranGupta
5 Comments
 
LVL 5

Assisted Solution

by:karthika_cts
karthika_cts earned 100 total points
ID: 35188198
No Access Control or Constraint Checking — A global variable can be get or set by any part of the program, and any rules regarding its use can be easily broken or forgotten. (In other words, get/set accessors are generally preferable over direct data access, and this is even more so for global data.) By extension, the lack of access control greatly hinders achieving security in situations where you may wish to run untrusted code (such as working with 3rd party plugins).

Reference: http://www.experts-exchange.com/Programming/Languages/C_Sharp/Q_26900368.html
http://c2.com/cgi/wiki?GlobalVariablesAreBad
0
 
LVL 11

Assisted Solution

by:lenordiste
lenordiste earned 100 total points
ID: 35188271
Global variables can be accessed by any part in your program which means you have no access control . Since any objects can potentially access your global variable, you will have a hard time debugging your software if your global variable was modified unintentionally.

Also, it is better to wrap global variables in get/set constructs to allow for constraint checking. For instance you may have a global variable of type int which in your software should never be below 10. A property (get/set) will allow you to add constraint checking and make sure that nobody tries to assign a number below 10.
0
 

Author Comment

by:KaranGupta
ID: 35188586
I have 2 questions regarding this

1. What is the access specifier of global variable
2. How can be add a constraint check on normal variable.
0
 
LVL 11

Accepted Solution

by:
Sudhakar Pulivarthi earned 300 total points
ID: 35189535
Access specifier determines the visibility of the variable/property at any point your app.
Read this article which informs various specifiers in C#
http://en.csharp-online.net/CSharp_Basic_Concepts%E2%80%94Declared_Accessibility

Pls check the code sample to know how we can do the constraint check.
internal class TestGlobal1
    {
        internal void Test()
        {
            TestData.MyData = 15;
            TestData.MyData = -6; // This value will not be allowed to set

            TestGlobal2 test2 = new TestGlobal2();
            test2.Test();

            TestData.MyData = 1; // This value will be allowed to set            
            test2.Test();            

            Console.ReadKey();
        }
    }

    internal class TestGlobal2
    {
        internal void Test()
        {
            Console.WriteLine("Data = " + TestData.MyData);
        }
    }

    internal class TestData
    {
        private static int _myData; // Class level static variable will be a global variable for all objects

        // This is the property which exposes the value across the app.
        internal static int MyData
        {
            get { return _myData; }
            set
            {
                if (value > 0)
                {
                    // Allow only +ve integers
                    _myData = value;
                }
                else
                {
                    // Optionally u can throw exception here
                }
            }
        }
    }

Open in new window

0
 

Author Closing Comment

by:KaranGupta
ID: 35195945
Thanks
0

Featured Post

Master Your Team's Linux and Cloud Stack

Come see why top tech companies like Mailchimp and Media Temple use Linux Academy to build their employee training programs.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

More often than not, we developers are confronted with a need: a need to make some kind of magic happen via code. Whether it is for a client, for the boss, or for our own personal projects, the need must be satisfied. Most of the time, the Framework…
The ECB site provides FX rates for major currencies since its inception in 1999 in the form of an XML feed. The files have the following format (reducted for brevity) (CODE) There are three files available HERE (http://www.ecb.europa.eu/stats/exch…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question