simple modules

Brendan Eich brendan at
Wed Feb 3 12:39:34 PST 2010

On Feb 2, 2010, at 6:23 PM, Kris Kowal wrote:

>> Different module contexts may have different module ID resolvers,  
>> so for example it would be possible for host environments to  
>> provide a SecureESContext that didn't allow identifiers to resolve  
>> to the "filesystem" module or the "dom" module.
> This verbiage implies black-listing.  It would be good to be clear
> that the object formerly known as a "module context" should be
> explicitly populated with a white-list of module instances for SES.

Agreed, and good point.

Oprah moment: something about the way you wrote makes me want to plead  
for goodwill assumptions in our informal exchanges. No one on the  
committee is trying to open up capability leaks or introduce ambient  
authority. I doubt anyone is unfamiliar with the problems of  
blacklisting. It seemed clear to me that Dave was not specifying  
rigorously, just giving two examples.

(Ok, group hug :-P.)


More information about the es-discuss mailing list