July 26, 2012 TC39 Meeting Notes
Tom Van Cutsem
tomvc.be at gmail.com
Mon Sep 24 01:04:49 PDT 2012
2012/9/24 David Bruant <bruant.d at gmail.com>
> Le 23/09/2012 22:04, Herby Vojčík a écrit :
> > Hello,
> >
> > maybe I missed something, but how will you secure the whitelist
> > itself? Malicious proxy knowing righteous one can steal its whitelist,
> > afaict.
> I'm sorry, I don't understand what you're saying here. Can you be more
> specific and provide an example of an attack?
>
> As far as I'm concerned, I consider the design secure, because it's
> possible to easily write code so that only a proxy (or it's handler to
> be more accurate) has access to its whitelist and nothing else.
Right. Perhaps what Herby meant is that the proxy might provide a malicious
whitelist to steal the names being looked up in them. This will be
prevented by requiring the whitelist to be a genuine, built-in WeakSet. The
proxy will use the built-in WeakSet.prototype.get method to lookup a name
in that whitelist, so a proxy can't monkey-patch that method to steal the
name either.
Cheers,
Tom
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.mozilla.org/pipermail/es-discuss/attachments/20120924/f8a98702/attachment-0001.html>
More information about the es-discuss
mailing list