david-sarah at jacaranda.org
Mon Jan 11 11:13:39 PST 2010
Mark S. Miller wrote:
> On Mon, Jan 11, 2010 at 3:03 AM, Kevin Curtis <kevinc1846 at googlemail.com>wrote:
>> Re isolation, sandboxing - and modules.
>> Is there is a case for the ability to 'configure and freeze' a global
>> object for sandboxing, SES and maybe modules. Indeed the 'restricted eval'
>> can be seen as more specific case of an eval which takes a 'configured and
>> frozen global' environment. With a frozen global all bindings should be able
>> to be resolved at the time eval is called. Effectively, restricted evaled
>> code will have 'const x = <object>' binding added to it's scope - where 'x'
>> is a property from the configured global object.
>> N.B - if a restricted eval takes a second param as a string to configure
>> the 'global environment' for the evaled code then it would avoid the closure
>> peeking issue.
> What's the "closure peeking issue"?
David-Sarah Hopwood ⚥ http://davidsarah.livejournal.com
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 292 bytes
Desc: OpenPGP digital signature
More information about the es-discuss