Why is Java's "protected" less protected than default?

Question

In Java, we have four access specifiers: public, protected, package-private (default), and private. This is well known and not an issue for me.

My question is with regard to the naming of protected. As shown in the table here, giving a field the default access specifier of package-private prevents subclasses outside of the package from using it, but applying the keyword protected doesn't actually protect it – on the contrary, it opens it up to subclasses of any package.

So, why doesn't protected protect things; why is it less restrictive than no modifier at all?

`public`, `protected` and `private` access levels are copied from C++. Package private is unique to Java. I guess they used the same names as C++ just to be familiar and didn't want to add syntax for package level. — zch, Mar 25 '13 at 22:54
You could ask the same question if protected were the default. I don't understand why this is an issue — 75inchpianist, Mar 25 '13 at 22:54
because the guys designing the language decided to make it so. — JB Nizet, Mar 25 '13 at 22:54

score 6 · Answer 1 · answered Mar 25 '13 at 23:00

If we accept that those are the four access levels that should exist (private, package-private, package-private-plus-subclasses, and public), and we accept that package-private should be the default access level when you don't specify something else, then this question becomes: "why is package-private-plus-subclasses called protected?" And the answer to that is that it borrowed/inherited the term from C++ (which doesn't have a concept of "packages", but uses protected to mean "private-plus-subclasses").

(I'm posting this answer as community wiki to encourage others to add to it, since I'm guessing that there's more to the story than just this. Also, because someone may want to add some justification of why these are the four access levels that should exist — e.g., why we have package-private-plus-subclasses but no private-plus-subclasses — and of why package-private should be the default.)

score 4 · Answer 2 · answered Mar 25 '13 at 23:06

4

Since this is a rather open-ended question I'll offer some semi-relevant historical context. In Java 1.0 there was an additional access modifier, private protected. This was protected minus package access. This modifier was confusing, poorly implemented and removed by 1.1. This helps paint the picture that the package is the logical modular unit which is therefore the default level of access.

At the end of the day it comes down to a personal choice of what made sense to the developers. Everyone thinks differently so a naming convention that makes perfect sense to me may be deeply confusing for you (and vice versa).

answered Mar 25 '13 at 23:06

Aurand

5,487
1
25
35

Do you have a link for that? I don't recall reading it in the 1.0 Java Language Specification, but that was a long time ago. – jbindel Mar 25 '13 at 23:10
I'm having trouble finding a solid spec link, but there's this: http://journals.ecs.soton.ac.uk/java/tutorial/java/javaOO/accesscontrol.html – Aurand Mar 26 '13 at 18:19
Thanks! There's also this that indicates it was added to 1.0.2 and not in the earlier versions. http://www.jguru.com/faq/view.jsp?EID=15576 – jbindel Mar 26 '13 at 18:24

score 2 · Answer 3 · answered Mar 25 '13 at 22:59

Protected is more restrictive than public. That is why it is called what it is.

I wish the language designers would have named the default access specifier as "package-protected', because the default is very confusing to a lot of programmers. I would more be in favor for protected being the default, or there being no default at all.

Why is Java's "protected" less protected than default?

3 Answers3

Linked