FW: Proposal: safeEval
Mike Samuel
mikesamuel at gmail.com
Wed Jun 20 19:51:02 UTC 2018
On Wed, Jun 20, 2018 at 2:26 PM doodad-js Admin <doodadjs at gmail.com> wrote:
>
>
> I was not aware of that proposal or didn’t pay attention.I think
> “safeEval” provides ACLs, while your proposal don’t.
>
Neither the realms proposal nor the frozen realms proposal include ACLs.
Where are the ACLs in safeeval?
I see some privileges via options at L72-75
<https://github.com/doodadjs/doodad-js-safeeval/blob/e895e88ff6100dcdd15edfcedff4bd85aaec099c/src/common/Tools_SafeEval.js#L72-L75>
:
const preventAssignment = types.get(options, 'preventAssignment', true),
allowFunctions = types.get(options, 'allowFunctions', false), //
EXPERIMENTAL
allowNew = types.get(options, 'allowNew', false), // EXPERIMENTAL
allowRegExp = types.get(options, 'allowRegExp', false); // EXPERIMENTAL
but, as I understand the term, ACLs are usually the set of privileges
available to a principal, the rows in an access control matrix.
How are you defining "principal?"
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.mozilla.org/pipermail/es-discuss/attachments/20180620/c0474ce8/attachment-0001.html>
More information about the es-discuss
mailing list