[Dev] (db policy) transparent persistence

[Curt Hibbs]

Ricardo M. Reyes wrote:
>
> DM> What does transparent object persistence mean?
> [ ... deleted a lot ... ]
>
> I think Object Persistence looks really interesting, but there's
> something that bothers me, and maybe it's already taken care in the
> Persistence implementations.
>
> I guess that the storage of objects includes the code of the metods.
> If this is true, then I think it's a huge security risk. If someone
> tampers with the stored representation of an object, it can replace
> an inocent method with something dangerous, and then Chandler would
> execute that trojanized code next time the object is loaded.
>
> Am I wrong? Maybe the code is not stored on disk? or it's encrypted
> somehow?
>
> I would really like to hear from someone who used Obj. Persistence
> about this.

Typically, the code is _not_ stored in the database -- only the data is
stored. The object classes that know how to deal with particular types of
data would be part of the Chandler application.

Curt