Lecture series on SES and capability-based security by Mark Miller

Axel Rauschmayer axel at rauschma.de
Fri Nov 4 10:37:43 PDT 2011

>    function Bob(t) {
>       var stolenArray;
>       var hackedPush = function() {
>           stolenArray = this;
>       };
>       t.store("push", hackedPush);
>       t.add(0);
>       console.log(stolenArray);
>    }
>    Bob(makeTable());

As an aside: This problem would go away if we really did distinguish between accessing a property and accessing a collection element. Then the former would be done via Object.* methods, while the latter would be done via square brackets.

Dr. Axel Rauschmayer
axel at rauschma.de

home: rauschma.de
twitter: twitter.com/rauschma
blog: 2ality.com

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.mozilla.org/pipermail/es-discuss/attachments/20111104/44fa3c72/attachment.html>

More information about the es-discuss mailing list