Code which has a legitimate need to perform certain methods on an object
must be explicitly restricted from performing other methods on the
same object.
Let's use the database as an example. I've designed a spreadsheet which
takes the data from the Transactions Table and displays them in a nice
format to the user. The Spreadsheet class will need access to the
Table.readRow method in order to complete it's task, but it will not
need access to any of the write functions of database. In fact, I might
want to explicitly restrict the Spreadsheet class from accessing the
write methods, particularly if i allowed a third party to subclass the
Spreadsheet to make it even prettier. I would not want the third party
to maliciously or accidently change the sensitive information in the
transaction log.
Such a scenario becomes more meaningful when we're discussing electroinic
commerce in an extensible system.