Security Demands Simplicity (was: Private Slots)
allen at wirfs-brock.com
Sun Jan 20 17:16:34 PST 2013
On Jan 20, 2013, at 4:53 PM, Brendan Eich wrote:
> Allen Wirfs-Brock wrote:
>>> Perhaps you're in favor of that in addition? But if so, how would one proxy such that the @@DateValue symbol was the name parameter to get and set traps?
>> I'm not sure if you are getting at something other than what I've described above. If a @@DateValue private symbol is actually used as the implementation of [[DateValue]] then actuality that would happen.
>> Were you thinking about something different?
> See Brandon's followups. Proxies can tell if an object is fielding direct vs. delegated accesses.
IO'm probably being dense, but I don't seen the issue. This sounds like further support for the idea of direct forwarding of private symbol based internal methods to the ultimate target without any observability by the Proxy handlers.
If the concern is abstractions that are directly implemented using Proxy (rather than things like membrane wrappers) then the implementation of the abstraction knows about this behavior and can structure its target object to handle its private Symbol property requests.
More information about the es-discuss