__proto__ security

Mark S. Miller erights at google.com
Mon Feb 13 12:24:21 PST 2012


On Mon, Feb 13, 2012 at 9:55 AM, Allen Wirfs-Brock <allen at wirfs-brock.com>wrote:
[...]

> This would allow implementations to use either a data property or a access
> property for Object.prototype.__proto__.
>

-1. I prefer any securable fully specified alternative discussed in this
thread (including your prior draft) over leaving such broad observables
unspecified.

It reminds me of a story:

I am old enough that I remember when programmers felt passionately about
byte order. There were high endian machines and their advocates, and there
were low endian machines and their advocates. (I was low endian myself back
then.)

Decades later, I forgot all about these strong feelings until I heard
someone (Bill Frantz?) observe:

    Compared to the status quo, both sides now prefer that the other side
had won.

I certainly do.

-- 
    Cheers,
    --MarkM
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.mozilla.org/pipermail/es-discuss/attachments/20120213/6392077e/attachment.html>


More information about the es-discuss mailing list