Security impact of access modifiers (public, private, internal, protected)

Question

Do the access modifiers of classes, properties or methods in C#, Java and other programming languages actually have an impact on the security of an application? Do they also protect against unauthorized access in some way? Or are they just a tool for clear and propper programming?

Answer 1

As always with security it is necessary to understand what you are attempting to protect against. Have some idea of your threat model.

So, yes access modifiers are absolutely critical to the Java 2 Security Model, for dealing with mobile code. If, for instance, untrusted could clear the java.lang.System.security field, then that's the end of that (Update: I believe that specific example no longer works, but the principle remains). Access modifiers prevent illicit access through direct reference and also, with a runtime security check, even when accessed through reflection.

In other cases, it is just about code quality. Software security vulnerabilities are almost down to poor quality code, despite all the "we take security seriously" excuses. So access modifiers play a role everywhere.

Answer 2

No, access modifiers don't offer security protection. They are merely there for developer convenience, e.g. they help to enforce good coding practices and help with programming patterns.

It's easy to access otherwise inaccessible modifiers by using reflection in Java/C# and other languages.

Answer 3

The main purpose of the access modifiers is to enforce a specific design, not any kind of security.