Are private members really more “secure” in Java?

Question

Learning Java I was sometimes taught to use the private access modifier so as not to expose \"sensitive information\" to other classes, as if this could open a legi

Answer 1

private isn't really for security, since reflection can bypass it (modulo classloader/secure classloader stuff). It serves as an indication of intent, and as barrier to one type of programming error.

But consider a third-party API--API users don't even see the private properties or methods. It's not just about your own code, it's about what code is exposed to others. (Again looking at it from a "I'm not trying to break in to the code" standpoint.)

Answer 2

I think the meaning of "security" by your instructor was not about keeping hackers out, but rather keeping bugs out. By making everything as private as possible, you limit the ways that one class can mess with another class without it knowing. This is an example of Modular Programming.