[e-lang] Taming Java Libraries in E vs. Joe-e

Jimmy Wylie jwylie at uno.edu
Fri Nov 14 14:18:34 CST 2008 

Mark Miller wrote:
> Great question! Since taming is a judgment intense process, 
> potentially fraught with security-critical errors, the Joe-E folks 
> decided to first tame the Java libraries independently, and then 
> compare the resulting decisions. Where we largely agree, we're not 
> sure what that means -- we might simply have been led into making the 
> same errors. But where we disagree, at least we'll know to pay special 
> attention to those places. Did you see anywhere where we were both 
> taming the same class but arriving at different taming decisions?
>
I haven't seen anything substantial yet.  For example, I looked at 
File.java. E has it tamed, but Joe-E has simply suppressed every method. 
(I'm guessing to be safe until taming decisions are made.)  From reading 
the aforementioned link,  I'm guessing it has something to do with the 
resolution of "..".  E can wrap the class and check for "..".  But, I 
don't see how Joe-E would be able to do that without shipping its own 
version of File.java. 
    This leads to other issue I'm having.  I'm not really sure what 
classes I can make valid comparisons between.  Joe-E is a subset of Java 
while E is its own language.  So E has more flexibility in what it can 
do to tame classes.  Should I look at classes like Boolean.java?  It 
seems E may use it in its implementation of its own boolean type, but it 
may also add or remove things, making a simple comparison between safej 
files incomplete.

I did actually look at Boolean.safej.  In both, the method getBoolean() 
was suppressed because it accesses a system property.  Joe-E allows more 
methods than E it seems, like toString() and parseBoolean(), but those 
seem like methods E wouldn't have to tame because they would be 
implemented elsewhere in the E language.

Also, I do have one other question about the safej files.  In Joe-E, 
they use the static tag and instance tag.  In E's safej files, they use 
a statics tag and methods tag.  Are the methods tag and instance tag 
denoting the same methods?   Or is E using that tag to add its own 
methods?  I noticed in Boolean.safej that under "methods", E has listed 
some methods I couldn't find in the Java API like and(), not(), or(), 
xor(), and pick(obj, obj).

Thanks again,
Jimmy

More information about the e-lang mailing list