simple modules
Brendan Eich
brendan at mozilla.com
Tue Feb 2 10:41:50 PST 2010
On Feb 1, 2010, at 7:17 PM, ihab.awad at gmail.com wrote:
> Because any object I create in my Context is capable of gaining access
> to the filesystem simply by uttering "import fs", the "fs" authority
> is ambient in my Context.
This is simply not the case. The Context proposal needs to be written
still, but we have already discussed several times how a Context can
have its own module id resolver, which can deny "fs" and anything else
to the would-be importer.
> These patterns *are* precisely what is meant when we talk about an
> object capability language. They are precisely what must be supported
> by an object capability subset of an existing language.
JS is not going to *become* an objcap language. The Harmony goal of a
statically verifiable secure subset is about a subset, not just
leaving out legacy features we can't get rid of, but possibly also new
features added for convenience and usability.
The full language is not required to have objcap-only new features.
There's a related debate in the committee about new sources of non-
determinism, which is ongoing.
But the point of order I am raising is this: modules for Harmony, and
other additions to the full set (not the secure subset) are not
required to be object capability language features or patterns, and
only objcap features.
/be
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.mozilla.org/pipermail/es-discuss/attachments/20100202/dae1b625/attachment.html>
More information about the es-discuss
mailing list