On Fri, Mar 2, 2012 at 9:48 AM, Carsten Haitzler <ras...@rasterman.com> wrote:
> On Thu, 1 Mar 2012 23:59:26 +0100 Cedric BAIL <cedric.b...@free.fr> said:
>
>> On Thu, Mar 1, 2012 at 7:35 PM, Enlightenment SVN
>> <no-re...@enlightenment.org> wrote:
>> > Log:
>> > elev8: Allow loading modules in runtime
>> >
>> > There are now two kinds of modules: native (.so) and JavaScript (.js).
>> > Both modules can be loaded using the same interface and is completely
>> > transparent to the application developer, by using the global require()
>> > function. For example, to load the elementary module:
>> >
>> > elm = require('elm');
>> >
>> > This will try to open 'libelm.so' in the current directory, then
>> > 'libelm.so' in elev8's module directory. If that fails, it will try to
>> > open 'elm.js' in the current directory, then 'elm.js' in elev8's directory.
>> > Should any of these attempts work, it will save the module in an internal
>> > cache and return a reference to an object containing all exported symbols
>> > from that module.
>>
>> That's a really great update. I really like this new activity in
>> elev8. I have just a little concern about security. I would have
>> chosen a different order. First I would have tried system module (in
>> elev8's module directory), then I would have tried 'elm.js' in elev8's
>> system directory. If all that's failed, I will try current directory,
>> maybe first the javascript ('elm.js') and the module. Reason is that
>> .so in current directory are much more likely to contain some nasty
>> code. If by just putting a file in the right place I can inject native
>> code, that sounds bad to me.
>
> security here is a matter for a later date. right now the point is for a js
> app to be ABLE to behave as fully as a native app. later on (already
> discussed) we want to add security levels (eg on cmdline) that do things
> like disable module loading at all, or limit sources (system only, user
> homedir only, or full paths and app-dir relative paths - eg app provides
> native modules) etc... also modifying behavior. eg filesystem access api
> may start limiting what you have access to at all - may totally sandbox you
> with zero fs access outside the app dir itself (data files, read-only) and
> an app-specific config/data/cache dir, and then nothing else, then with
> various levels of exposing more of the fs.
>
> but to start with... think of it as a native app but keep in mind the
> ability of being able to pull in such security later on (via cmd-line args
> to elev8 and/or environment vars that get read long before any js kicks in).

ACK

Lucas De Marchi

_______________________________________________
enlightenment-devel mailing list
enlightenment-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/enlightenment-devel
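
The search orders discussed in this thread, modelled side by side as an added example that is not part of the original messages or of elev8's code. The directory paths, the policy names and the `candidates`/`resolve` helpers are assumptions made for illustration, and "elev8's module directory" and "elev8's directory" are treated as one location.

```javascript
// Added illustration, not elev8 source. Paths and policy names are assumptions.
const CWD = '/home/user/app';          // constructed: the application's current directory
const SYS = '/usr/lib/elev8/modules';  // constructed: elev8's module directory

// Ordered candidate files for require(name) under each search policy.
function candidates(name, policy) {
  const so = `lib${name}.so`, js = `${name}.js`;
  const orders = {
    // Order described in the commit log: a native module in cwd is tried first.
    'as-committed': [[CWD, so], [SYS, so], [CWD, js], [SYS, js]],
    // Order proposed in the reply: system locations first, cwd native code last.
    'system-first': [[SYS, so], [SYS, js], [CWD, js], [CWD, so]],
    // Hypothetical restricted levels, in the spirit of the planned security levels.
    'system-only': [[SYS, so], [SYS, js]],
    'disabled': [],
  };
  if (!Object.prototype.hasOwnProperty.call(orders, policy)) {
    throw new Error(`unknown policy: ${policy}`);
  }
  return orders[policy].map(([dir, file]) => `${dir}/${file}`);
}

// Return the first existing candidate, flagging native code and cwd origin
// so a caller (or a log line) can see what kind of file was actually chosen.
function resolve(name, policy, exists) {
  for (const path of candidates(name, policy)) {
    if (exists(path)) {
      return { path, native: path.endsWith('.so'), fromCwd: path.startsWith(CWD + '/') };
    }
  }
  return null;
}

// Constructed file system: the real module is installed system-wide and an
// unexpected libelm.so also sits next to the application.
const files = new Set([`${SYS}/libelm.so`, `${CWD}/libelm.so`, `${CWD}/util.js`]);
const exists = (p) => files.has(p);

for (const policy of ['as-committed', 'system-first', 'system-only', 'disabled']) {
  console.log(policy, resolve('elm', policy, exists));
}
```

With the committed order the copy in the current directory shadows the installed module; with the system-first order it is only reached when no system module of that name exists.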