Module isolation

David-Sarah Hopwood david-sarah at
Mon Jan 11 20:11:44 PST 2010

Kevin Curtis wrote:
> So, FF3.5 has resurrected the sandboxed eval with the second 'global' object
> parameter - as the closure peeking issue has been fixed. (The second param
> is a live object rather than a string). And thus if the second param object
> is frozen (and the primordials and their prototypes etc frozen) FF3.5 eval
> could act as a restricted eval.

FF3.5 eval is undocumented, but if I'm reverse-engineering the source code
patch (
correctly, it still violates encapsulation.

A restricted eval should be specified from scratch, not based on what a
poorly thought-out vendor extension happens to do.

David-Sarah Hopwood  ⚥

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 292 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the es-discuss mailing list