Channels ▼
RSS

Security

Win32 Security in Managed C++


Managed C++ Hasn't Got Any Friends!

Managed C++ Hasn't Got Any Friends!

While Managed C++ is, for the most part, easy to use (probably easier than pure C++ itself), it buys this by making some sacrifices. There are, therefore, some really annoying facets of the language:

Managed C++ has no friends. This might seem a minor thing, especially since use of the friend keyword is so rarely useful or justified in pure C++. However, there are other restrictions of Managed C++ that conspire with the lack of friendship to create a real wart. Take the SID class. Its constructor (which takes void*) is visible because we have to be able to make SID instances from within the ACE, AccessToken, and GroupList classes. We most certainly do not want any code outside of this library to ever call that constructor. However, if I make the constructor private, the other classes cannot see it. If I try to make them friends, I'm given a C3809 and told to go away. I even tried placing the address of a private static creator method in a public function pointer within a static (class) constructor, but this was disallowed because it violated accessibility to managed types from unmanaged types. Unless Managed C++ supports the Assembly or Family and Assembly accessibilities — which it does not, as far as I can discover — then we're stuck with situations such as that with SID(void*). What's a J# client going to make of that?!

I mentioned in the article "Win32 Security in Managed C++" that we can conversion-construct managed enumeration instances from native types, which is very open to abuse. Given that, it is strange that, even in Managed C++, we cannot define constructors for value types. The LUID type, which is defined as:

public __value struct LUID

{

public:

String *ToString();

public:

void Assign(::LUID const &rhs)

{

this->LowPart = rhs.LowPart;

this->HighPart = rhs.HighPart;

}

public:

UInt32 LowPart;

Int32 HighPart;

};

has to use the Assign method because we cannot define a constructor to instantiate it from the Win32 LUID structure. I presume there's a good reason, but it's annoying nonetheless.

— M.W.


Related Reading


More Insights






Currently we allow the following HTML tags in comments:

Single tags

These tags can be used alone and don't need an ending tag.

<br> Defines a single line break

<hr> Defines a horizontal line

Matching tags

These require an ending tag - e.g. <i>italic text</i>

<a> Defines an anchor

<b> Defines bold text

<big> Defines big text

<blockquote> Defines a long quotation

<caption> Defines a table caption

<cite> Defines a citation

<code> Defines computer code text

<em> Defines emphasized text

<fieldset> Defines a border around elements in a form

<h1> This is heading 1

<h2> This is heading 2

<h3> This is heading 3

<h4> This is heading 4

<h5> This is heading 5

<h6> This is heading 6

<i> Defines italic text

<p> Defines a paragraph

<pre> Defines preformatted text

<q> Defines a short quotation

<samp> Defines sample computer code text

<small> Defines small text

<span> Defines a section in a document

<s> Defines strikethrough text

<strike> Defines strikethrough text

<strong> Defines strong text

<sub> Defines subscripted text

<sup> Defines superscripted text

<u> Defines underlined text

Dr. Dobb's encourages readers to engage in spirited, healthy debate, including taking us to task. However, Dr. Dobb's moderates all comments posted to our site, and reserves the right to modify or remove any content that it determines to be derogatory, offensive, inflammatory, vulgar, irrelevant/off-topic, racist or obvious marketing or spam. Dr. Dobb's further reserves the right to disable the profile of any commenter participating in said activities.

 
Disqus Tips To upload an avatar photo, first complete your Disqus profile. | View the list of supported HTML tags you can use to style comments. | Please read our commenting policy.
 

Video