SAS Research Interview Question Software Engineer / Developers
0of 0 voteswhy is string immutable?
Team: BIRD
Country: India
Interview Type: In-Person
Though, performance is also a reason (assuming you are already aware of the internal String pool maintained for making sure that the same String object is used more than once without having to create/re-claim it those many times), but the main reason why String has been made immutable in Java is 'Security'. Surprised? Let's understand why.
Suppose you need to open a secure file which requires the users to authenticate themselves. Let's say there are two users named 'user1' and 'user2' and they have their own password files 'password1' and 'password2', respectively. Obviously 'user2' should not have access to 'password1' file.
As we know the filenames in Java are specified by using Strings. Even if you create a 'File' object, you pass the name of the file as a String only and that String is maintained inside the File object as one of its members.
Had String been mutable, 'user1' could have logged into using his credentials and then somehow could have managed to change the name of his password filename (a String object) from 'password1' to 'password2' before JVM actually places the native OS system call to open the file. This would have allowed 'user1' to open user2's password file. Understandably it would have resulted into a big security flaw in Java. I understand there are so many 'could have's here, but you would certainly agree that it would have opened a door to allow developers messing up the security of many resources either intentionally or un-intentionally.
With Strings being immutable, JVM can be sure that the filename instance member of the corresponding File object would keep pointing to same unchanged "filename" String object. The 'filename' instance member being a 'final' in the File class can anyway not be modified to point to any other String object specifying any other file than the intended one (i.e., the one which was used to create the File object).
String immutability has nothing to do with security.
You said if it were mutable then somehow you would modify
to an invalid filename after authentication and screw things up.
I say, you can do that even is it is immutable. After authentication, use your same method to modify the
value of filename and *refer* to new invalid string value
and still screw things up.
In such case I would try to secure File object and not
String object.
The main reasons for immutability is:
1. As you mentioned performance (String pooling and sub-
string re-using).
2. Safety while working in a multi-threaded environment.
@kartikaditya: No. Security is a legitimate concern here. If a field is immutable and final, there is no way to change it without having the proper privileges, barring a bug in the JVM. There have actually been significant security exploits in Java that worked with the idea of time-of-check vs. time-of-use vulnerabilities, where the attacker would create a security-restricted object (think Socket, file stream, etc.) using some mutable object, the security manager would check that the proper permissions exist to create the object with the specified input, and then the user would maliciously alter the input to affect the internals of the object in an unauthorized way.
That doesn't necessarily mean String should be immutable for that reason alone. Certainly, mutable objects are necessary sometimes. To write secure code in situations where you're dealing with mutable objects, a deep copy of the object should be created, and any data validation checks should be run only on this internal, defensive copy. (Even if the security manager checks for valid data, if the checks are run on the original, not-copied input, an exploit is possible where the attacker would use another thread to modify the input right after it passes the security check and right before it is actually used in the constructor of the restricted object.)
I would say that String was mostly made immutable to make programming errors, both those related to security and those related to program correctness, less likely. Since we generally think of strings as value types and Java doesn't have value types, Java makes strings immutable because immutable value types behave in the same way as immutable reference types (and immutable reference types can have better performance than immutable value types, too).
The reason why string is immutable can be:
1. Security : Since java uses String for various purpose like class loading, so if it was mutable someone could have changed my class com.abc. to com.pqr at runtime.
2. Improving performance: Any frequent change in a string requires various things to be re-calculated again like hashcode, length, since its immutable it just caches its hashcode which makes it very fast as a hashmap key
3. Can be safely shared between threads.
4. In case of String pool one string object/literal is referenced by many reference variables , so if any one of them change the value others will be automatically gets affected.
A String is called immutable because its value cannot be modified once it has been created. Methods that appear to modify a String actually return a new String containing the modification.
That is OK, but you haven't answered the question.
You answered the question: "What does immutable mean?"
The question was why STRINGS are immutable.
The reason why strings are immutable is because they are allocated memory in the constant memory region within the process.
This is not correct. Constant strings might be allocated there, but not all strings. Otherwise how could you construct a new string?
@selmeczy
What do you mean by constant strings and all strings.
when you have a statement like
char* str = "hello" ; this is a constant string and it is allocated in the constant memory and it is indeed immutable.
Only such constant strings are immutable. A string in the form of Char array / or One that is dynamically allocated are mutable. Can you give me a counter example ?
string immutability allows i.e. for string interning / flyweight pattern where multiple objects can reference the same string w/o danger of it changing - this can save a lot of memory. Another advantage is the inherent thread safety.
- Anonymous December 22, 2011