July 26, 2012 TC39 Meeting Notes

Tom Van Cutsem tomvc.be at gmail.com
Mon Sep 24 01:04:49 PDT 2012

2012/9/24 David Bruant <bruant.d at gmail.com>

> Le 23/09/2012 22:04, Herby Vojčík a écrit :
> > Hello,
> >
> > maybe I missed something, but how will you secure the whitelist
> > itself? Malicious proxy knowing righteous one can steal its whitelist,
> > afaict.
> I'm sorry, I don't understand what you're saying here. Can you be more
> specific and provide an example of an attack?
> As far as I'm concerned, I consider the design secure, because it's
> possible to easily write code so that only a proxy (or it's handler to
> be more accurate) has access to its whitelist and nothing else.

Right. Perhaps what Herby meant is that the proxy might provide a malicious
whitelist to steal the names being looked up in them. This will be
prevented by requiring the whitelist to be a genuine, built-in WeakSet. The
proxy will use the built-in WeakSet.prototype.get method to lookup a name
in that whitelist, so a proxy can't monkey-patch that method to steal the
name either.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.mozilla.org/pipermail/es-discuss/attachments/20120924/f8a98702/attachment-0001.html>

More information about the es-discuss mailing list