SES prototype mostly working on latest Minefield, WebKit, and Chromium betas

Mark S. Miller erights at
Mon Aug 30 16:39:46 PDT 2010

On Mon, Aug 30, 2010 at 3:12 PM, Mark S. Miller <erights at> wrote:

> May crash your browser or page:
> <>Sources at
> This has only been lightly tested and should **not** be relied on to have
> any security properties yet.
> The claim I working up to is that, on a securable ES5 implementation (<
>>), these scripts create
> an SES environment (<>)
> implementing the object-capability security model and solving the safe
> mashup problem (<>).
> Unfortunately, since there is not yet any full browser-based
> implementations of ES5, the present state of these scripts have various
> compromises that preserves their functionality but loses security. These are
> documented in the various files under "KLUDGE SWITCHES". With these kludges,
> from *extremely* light testing, it seems to work on the latest
> * Firefox Minefield 4.0b5pre,
> * Safari WebKit Nightly Version 5.0.1 (5533.17.8, r66356), and
> * Chromium beta 6.0.490.0 (3135).
> As soon as I get my VMWare installation fixed, I'll test on the IE9 preview
> as well. Opera 10.61.8429 does not yet implement Object.getOwnPropertyNames,
> so I can't even test there.
> This implementation of SES cannot run on ES5/3 (<
> as is because of the lack of a client side eval. The current plan is to
> support SES5/3 directly, rather than porting these scripts to run on ES5/3.
> Like ADsafe, this is all implemented by a lightweight client-side library,
> with no server-side support need. Minified, the total size of the download
> comes in under 5k.

Minified and gzipped that is.

> Because it does not parse or transform code, aside from calls to "eval" or
> the "Function" constructor, the untrusted code runs at full speed and with
> no code expansion. Due to various transient problems, the safe eval is
> currently called "eval2" and "eval" remains unsafe.
> Interestingly, this library contains a surprising faithful emulation of
> WeakMaps on ES5 browsers that don't support WeakMaps directly (<
> >).
> --
>     Cheers,
>     --MarkM

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the es-discuss mailing list