Why String has been made immutable in Java?
Though, performance is also a reason (assuming you are already aware of the internal String pool maintained for making sure that the same String object is used more than once without having to create/re-claim it those many times), but the main reason why String has been made immutable in Java is 'Security'. Surprised? Let's understand why.
Suppose you need to open a secure file which requires the users to authenticate themselves. Let's say there are two users named 'user1' and 'user2' and they have their own password files 'password1' and 'password2', respectively. Obviously 'user2' should not have access to 'password1' file.
As we know the filenames in Java are specified by using Strings. Even if you create a 'File' object, you pass the name of the file as a String only and that String is maintained inside the File object as one of its members.
Had String been mutable, 'user1' could have logged into using his credentials and then somehow could have managed to change the name of his password filename (a String object) from 'password1' to 'password2' before JVM actually places the native OS system call to open the file. This would have allowed 'user1' to open user2's password file. Understandably it would have resulted into a big security flaw in Java. I understand there are so many 'could have's here, but you would certainly agree that it would have opened a door to allow developers messing up the security of many resources either intentionally or un-intentionally.
With Strings being immutable, JVM can be sure that the filename instance member of the corresponding File object would keep pointing to same unchanged "filename" String object. The 'filename' instance member being a 'final' in the File class can anyway not be modified to point to any other String object specifying any other file than the intended one (i.e., the one which was used to create the File object).
Liked the article? Subscribe to this blog for regular updates. Wanna follow it to tell the world that you enjoy GeekExplains? Please find the 'Followers' widget in the rightmost sidebar.
 |
RSS Feed (xml)
17 comments:
you have a nice site.thanks for sharing this site. various kinds of ebooks are available here
http://feboook.blogspot.com
Good insight.... quite a different view.Moreover with immutability Thread safety comes free,we need not bother about thread safety for immutable objects.
wow...very nice answers..satisfactory and convincing..thnx a lot man
Good points and I agree with them. There is an excellent discussion on it here: http://stackoverflow.com/questions/3584945/non-technical-benefits-of-having-string-type-immutable
Really nice different view for Strings, thanks expect more from you.
Quite a different view for String, also convincing, thanks and expecting more from you.
Wow! Didn't look at it that way before!
Great read! :)
Great site. Good information. Like it. Will be back to read more soon.
Good article. gotta spark for my next post. Thanks. I have few trick’s of String in my site. Do Visit and support guys.
Kumar
http://kumkumaa.blogspot.com/
Cool ... I had read so many times that strings are immutable but is not aware of the same thanks for sharing gr8 info !
http://linux4genext.blogspot.com
It's very great post. This is really helpful for me.Thanks for sharing it.
Explanation of answers each question is excellent, expecting few more topics to cover such as J2EE fundamentals.
Good explanation of topic..looking for more topics.
dis z one of the awesome site i hav every visited. thanks a lot for your patience and explanation.
You learn something new everyday :) Thanks for the post
What's up to all, the contents present at this website are really amazing for people knowledge, well, keep up the good work fellows.
Here is my blog bnc cable
Hey, I had a great time reading your website. Can I contact you through email?. Please email me back.
Regards,
Angela
angelabrooks741 gmail.com
Post a Comment