Lecture series on SES and capability-based security by Mark Miller

Juan Ignacio Dopazo dopazo.juan at gmail.com
Fri Nov 4 08:50:50 PDT 2011


On Thu, Nov 3, 2011 at 7:55 PM, Mark S. Miller <erights at google.com> wrote:
>
>      function makeTable() {
>       var array = [];
>       return Object.freeze({
>         add: function(v) { array.push(v); },
>         store: function(i, v) { array[i] = v; },
>         get: function(i) { return array[i]; }
>       });
>     }
>
>  Given just a table instance, can Bob nevertheless obtain direct access to
> the underlying array?
>

So Bob can cheat by extending Array.prototype, right?

Object.defineProperty(Array.prototype, 'self', {
  get: function() {
    return this;
  }
});
console.log(table.get('self'));

That's why Douglas proposes using var array = Object.create(null), an
object without a prototype that can be extended.


Juan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.mozilla.org/pipermail/es-discuss/attachments/20111104/d382186a/attachment.html>


More information about the es-discuss mailing list