On Scope And Prototype Security

Andrea Giammarchi andrea.giammarchi at gmail.com
Tue Mar 19 15:23:13 PDT 2013


oh dear ... even the example did not explain ... how can that be ?

@Rick is not because of my alzheimer that I did **not** freeze the private
object. I want to manipulate that because that's my object and I want to
expose objects that inherits from it without giving anyone the possibility
to reach my private, own, object!

I don't want to be able to freeze the object, I don't want anyone "out
there" to even reach it ... via __proto__ or getPrototypeOf, got it?

@Juan I don't want the complexity of a Proxy, I want objects that inherit
from my private object so that what changes in my private object reflects
automatically everywhere. There is no need to Proxy, IMHO, this stuff was
again already possible in ES3 ignoring __proto__, I am talking about
standards.
However, if you want, Proxy is more or less what I meant with the private
object.

@Claus __proto__ is a disaster, if you ask me, but the problem is that even
if __proto__ disappears, as it should, there is still
Object.getPrototypeOf(object) able to retrieve my private object.

@Claude ... the example goes close, but it won't work as it is and it
cannot be used as generic method, isn't it ?
Also that suffers from the fact that I cannot hide runtime, I need to hide
first, and send the Proxy result or the __proto__ won't be hidden, right?

@all ... bear in mind, my example works already in ES3 ... you can try it
in IE 5 ... I am not kidding ... there's no Object.getProottypeOf(object)
there, neither object.__proto__

Best Regards



On Tue, Mar 19, 2013 at 3:08 PM, Claus Reinke <claus.reinke at talk21.com>wrote:

> var public = (function(){
>>  var private = {
>>  };
>>  return Object.freeze(
>>    Object.create(private)
>>  );
>> }());
>>
>> // why I cannot avoid this? I'd **LOVE** to!
>> Object.getPrototypeOf(public).**test = 123;
>> alert(public.test); // 123
>>
>
> At first, I thought you were right - __proto__ is an object property,
> so there should be a way to turn it into a private property (assuming
> ES6 will have such).
>
> Then I thought, it would have to be protected, not private - if I extend
> the prototype chain further down, I should still be able to go up through
> this __proto__ here, right?
>
> My current thinking is still different: __proto__ is *not* a normal
> object property, it is an implementation shorthand for extending
> an object. If we were to copy all the methods from the prototype
> chain into a single "class" object, that would serve the same purpose, the
> __proto__ links just save space.
>
> In other words, you want to protect/make private the properties of the
> objects that __proto__ points to, and those objects themselves, not the
> __proto__ link.
>
> For that purpose, a deep chain freeze, following the prototype chain,
> and freezing all objects in it, would be less confusing/error prone than
> the shallow Object.freeze we have. Apart from the fact that
> sharing of objects in the chain might freeze someone else's prototypes.
>
> Claus
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.mozilla.org/pipermail/es-discuss/attachments/20130319/ee569928/attachment.html>


More information about the es-discuss mailing list