[[SetInheritance]] (was: General comments response (was Re: ES6 Rev13 Review: MOP-refactoring, symbols, proxies, Reflect module))

Allen Wirfs-Brock allen at wirfs-brock.com
Mon Dec 31 11:09:05 PST 2012


On Dec 31, 2012, at 7:28 AM, Brandon Benvie wrote:

> 
> On Monday, December 31, 2012, Tom Van Cutsem wrote:
> That said, I think this issue is orthogonal to our choice of whether or not to expose "setPrototypeOf" as part of the MOP. Even if we do expose it, any sandbox that wants to take away the ability the set the prototype can simply poison Reflect.setPrototypeOf in addition to deleting Object.prototype.__proto__.
> 
> Ive realized this is actually a potentially serious flaw with the module system with regards to how the builtin modules expose features. If you introduce Reflect.setPrototypeOf (or more generally, anything exposed as an export of a system module) there is no way for something like SES (user level) to remove access to it. There's no way to monkey patch these things or remove them or add new features to them because the modules aren't externally mutable. `delete Reflect.setPrototypeOf` is not currently an option.

I'll leave it to Dave or Sam to elaborate, but I don't think this is correct.    My understanding, is that such censoring can be accomplished by configuring a module loader to return an alternative implementation of the "@Reflect" (or however it is identified) which could either not export Reflect.setPrototypeOf or export an alternative implementation. 

Allen
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.mozilla.org/pipermail/es-discuss/attachments/20121231/c393401f/attachment-0001.html>


More information about the es-discuss mailing list