Security Demands Simplicity (was: Private Slots)

David Bruant bruant.d at gmail.com
Sun Jan 20 10:45:07 PST 2013


Le 20/01/2013 18:59, Brendan Eich a écrit :
> David Bruant wrote:
>> I disagree with Brendan when he says "to use weakmaps for class 
>> private instance methods/variables"... well... it depends on what 
>> "use" means:
>> The spec is allowed to /use/ anything it needs to make the class 
>> private syntax work. If the spec says that private properties are 
>> like properties but aren't enumerated in Object.gOPN calls, fine. If 
>> the spec says that private properties require a lookup to some object 
>> -> value map, fine (but misleading, I agree). 
>
> I don't think we disagree.
>
> If there were no observable differences at all between weak maps and 
> private symbols, we would have only one. Since there are, and since 
> you propose to map private-in-class syntax onto weak maps in part on 
> account of these differences (viz, proxying and whitelist population 
> without privacy-leaks), here we are.
I don't understand, this paragraph went too quickly.
I understand that you're saying that the proposal I defend (which 
includes getting rid of private symbols) relies on the differences 
between private symbols and weakmaps and hence both are necessary?
Am I fully misunderstanding?

David


More information about the es-discuss mailing list