new function syntax and poison pill methods

Mark S. Miller erights at google.com
Fri Oct 26 15:59:16 PDT 2012


On Fri, Oct 26, 2012 at 3:45 PM, David Bruant <bruant.d at gmail.com> wrote:

>  Le 27/10/2012 00:23, Kevin Reid a écrit :
>
> How about: there must be no *nonstandard non-configurable properties* of
> standard objects.
>
> Good. This agrees with <
http://wiki.ecmascript.org/doku.php?id=conventions:make_non-standard_properties_configurable
>.

>
>  This directly implies “SES can do its job of deleting everything not
> whitelisted”, and does not rely on the spec blacklisting undesirable
> behaviors.
>
> Interesting. I think there are two slightly different problems to solve:
> 1) Make applications written in the language securable
> 2) Make applications written in the language not insecure
>
> ES5 strict mode, by poison-pilling .caller and .arguments and by fixing
> dynamic scoping features took in the direction of making the language not
> insecure by default.
>

Did you mean "not insecurable by default". ES5 strict by itself is
certainly far from secure (or "not insecure"). But because of poison pills
and such, ES5 is securable.


> The addition of Object.freeze and a couple of other things went in the
> direction of making the applications securable.
>
> I feel I was going for making the language not insecure with my section 2
> refinement, but I guess which is better really depends on the danger
> provided by the non-standard capability.
> I guess there is a case for both. Maybe the refinment I proposed could
> fall into 2 subsections: one for "don't ever add this kind of capability to
> the language or you're putting users at risk" and another for "if you add
> this kind of capability, make sure it's securable" (non-configurable I
> assume for most cases).
>

Did you mean "configurable"?



> In a way, the recent agreement on __proto__ is of the latter category :-)
>
> David
>



-- 
    Cheers,
    --MarkM
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.mozilla.org/pipermail/es-discuss/attachments/20121026/b64a4075/attachment-0001.html>


More information about the es-discuss mailing list