Lecture series on SES and capability-based security by Mark Miller

Axel Rauschmayer axel at rauschma.de
Fri Nov 4 18:50:28 PDT 2011

> As an aside: This problem would go away if we really did distinguish between accessing a property and accessing a collection element. Then the former would be done via Object.* methods, while the latter would be done via square brackets.
> I admit that I haven't followed the previous thread on ".[" and such. Is there a short summary? I ask because my diagnosis is similar but my conclusion is reversed. The lesson I take from this is not to use objects as maps. It you want a map, create a Map() and say map.get(key) and map.set(key, value) rather than using square brackets.
> The remaining case is arrays. My conclusion there is to always say array[+i] rather than array[i]. If Alice had already been practicing this as a habit, then her table abstraction would have been naturally robust against this attack even if Alice never thinks of this specific attack.
> Having eliminated both of these uses of unmarked square brackets (lists and maps), the only remaining justified use of unmarked square bracket indexing is reflection. If you see an unmarked square bracket that's not doing reflection, you should probably refactor. 

I agree completely (see also my other email):
- Never use objects as maps.
- Introduce collection classes.
- Try to make arrays fit into the collection framework.

Dr. Axel Rauschmayer
axel at rauschma.de

home: rauschma.de
twitter: twitter.com/rauschma
blog: 2ality.com

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.mozilla.org/pipermail/es-discuss/attachments/20111105/b9c8605d/attachment-0001.html>

More information about the es-discuss mailing list