__proto__ security

Oliver Hunt oliver at apple.com
Sun Feb 12 12:42:39 PST 2012


On Feb 12, 2012, at 11:28 AM, Brendan Eich wrote:
> Heh, I knew that was coming. I'll amend to say "of long standing" after "implementations" :-P.
> 
> I still have a gut feeling that someone is going to take advantage of the setter for bad purposes that will be harder to block than would be the case if __proto__ reflected as a data property. But I can't prove this.

I'm not sure about this -- the JSC+V8 model for __proto__ was a magic property on the object itself, not the prototype, so anything that could access an object could mutate its prototype.  Pushing the property onto the prototype doesn't add any more restrictions over that (if you can access an object, by definition you can access its prototype).  If you pull the setter function off of the prototype you can still only apply it to objects you could already access.

--Oliver

> 
> /be
> _______________________________________________
> es-discuss mailing list
> es-discuss at mozilla.org
> https://mail.mozilla.org/listinfo/es-discuss



More information about the es-discuss mailing list