Security Demands Simplicity (was: Private Slots)
Tom Van Cutsem
tomvc.be at gmail.com
Mon Jan 21 13:31:57 PST 2013
2013/1/21 Kevin Smith <khs4473 at gmail.com>
> A root problem is that on method invocations through a proxy methods of
>> the target object are invoked with the proxy, rather than the target, as
>> the this value. This means that any assumption the methods have about
>> valid this values are broken.
> I believe this is correct. It is a separate proxy issue not directly
> related to WeakMap/private symbol debate.
assumptions about their |this| values. The |this| value can be any random
object. It's just the zeroth parameter to a function. That's why in
traits.js (which was designed for high-integrity abstractions) we decided
to .bind() all methods so the |this| value could be relied upon.
Let's talk through Allen and Brandon's suggestion of auto-unwrapping
private symbol access on proxies.
If a membrane can intercept all exchanged private symbols I think this
could be made to work.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the es-discuss