Effective Java 2nd describes the Enum Implementation as the best practice to implement a Singleton in Java.
But the advantage of that implementation against the Static Holder Implementation is that the enum
can prevent the reflection attack.
So, there comes the question: Why do we need to prevent the reflection attack of singleton?
The other implementations of Java Singleton are just resolving the issues of multiple threads and lazy initialization.
These problems will and often appear at the daily development, but the reflection attack seems more like a Security Issue.
If the attacker can hack and crack your program, he and she could do whatever he and she wants, it seems it is no need to break the Singleton.
Aucun commentaire:
Enregistrer un commentaire