FW: Proposal: safeEval
Mike Samuel
mikesamuel at gmail.com
Fri Jun 22 20:46:20 UTC 2018
On Fri, Jun 22, 2018, 4:21 PM doodad-js Admin <doodadjs at gmail.com> wrote:
>
>
> *you've provided no reason to believe that opcode filtering would provide
> a better balance between security and ease of writing than AST filtering*
>
>
>
> AST filtering is fragile because every change on the language can break it.
>
If you blacklist.
Yet you're providing a library that does just that and have still provided
no reason to believe that an opcode filtering proposal would be both more
secure and less brittle.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.mozilla.org/pipermail/es-discuss/attachments/20180622/9767ad47/attachment-0001.html>
More information about the es-discuss
mailing list