308
edits
Changes
→Conceptual description
= Conceptual description =
In this model, security checks are performed as needed in the code flow. For example, before setting some internal member of a class, we could check whether the caller is allowed to set it. This model requires keeping track, throughout our code, of who "the caller" is. This is more or less the current model, except we pretty much completely screw it up.
= Pros and cons =
= Implementation notes =
