On Fri, Jan 6, 2012 at 9:27 AM, Andrea Giammarchi < andrea.giammar...@gmail.com> wrote:
> that whole variable can be redefined or used as communication channel ...
> I really don't understand what is the problem.

The variable "Object"? No, in SES that's unassignable. As layered on ES5, we enforce that simply by making globalObject.Object a non-writable non-configurable data property.

> The returned bound once object could be frozen without problems but if the
> function is private with the gist I have posted:

Essentially yes. The returned bound object would have to be transitively immutable, but in this case freeze may be enough. Of course, this can't be a fix to "bind" since that would break bind's current behavior. But if it were a new API as you suggest, that would no longer violate any principles, I believe.

Separately, I do not believe the need for this is adequate to justify adding a new API. But that's a completely different topic.

> 1. you cannot redefine Object.prototype at all
> 2. you cannot access single bound function/object from any other place
>
> If I have my own scope I want to do what's needed, this does not mean the
> problem does not exist, isn't it?
>
> In your case you have, as example, different problems with that WeakMap
>
> 1. everyone can WeakMap = function () {}; anywhere

Again, no they can't because all whitelisted global variables are unassignable.

> 2. if already defined, the definition of Object getOwnPropertyDescriptor
> to avoid access to that "protected" variable will fail and throw an error
> ... isn't it? That does not look safe either
> 3. as you wrote, Proxy easily discover that secret
> 4. your implementation has same problem I am talking about ... trapped
> "protected/private" stuff others should not see
>
> Same stuff with my problem except even proxy won't be able to retrieve
> that bound function since no property is attached.
>
> I can hardly believe you are so worried about an edge case and you don't
> see the pachyderm we are all dealing with ... properties attached and
> accessible "from everyone" ... this is for you safe?
>
> Is obj.bound = obj.method.bind(obj) a better approach than the one I am
> suggesting ?
>
> I am sorry but I don't think so.

I don't think the benefits you explain are worth the cost of a new API. But that's separate from the security issue.

> Best Regards
>
> On Fri, Jan 6, 2012 at 6:03 PM, Mark S. Miller <erig...@google.com> wrote:
>
>> On Fri, Jan 6, 2012 at 1:50 AM, David Bruant <bruan...@gmail.com> wrote:
>>
>>> On 06/01/2012 10:40, Andrea Giammarchi wrote:
>>>
>>> if WeakMaps are so smart ... it means we cannot shim them without
>>> causing leaks in non WeakMap ready browsers since no magic will
>>> happen, objects as keys will simply be persistent in the WeakMap private
>>> scope
>>>
>>> Indeed. Also, Mark Miller mentioned a couple of times that the SES
>>> polyfill [1] leaks less than one could expect. I haven't taken the time to
>>> look into that but it's probably worth mentioning.
>>
>> And it's probably worth looking into ;)
>>
>>> [1]
>>> http://code.google.com/p/es-lab/source/browse/trunk/src/ses/WeakMap.js
>>
>> --
>> Cheers,
>> --MarkM

--
Cheers,
--MarkM
_______________________________________________
es-discuss mailing list
es-discuss@mozilla.org
https://mail.mozilla.org/listinfo/es-discuss
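The hardening step MarkM describes above (making each whitelisted global such as `Object` or `WeakMap` a non-writable, non-configurable data property so that "everyone can WeakMap = function () {}" no longer holds), as an added example in JavaScript; this is not code from the thread or from the SES polyfill, and the plain-object stand-in for the global object is an assumption made so the demo leaves the real `globalThis` untouched.

```javascript
// Make each whitelisted global a non-writable, non-configurable data
// property, the ES5 mechanism SES uses so that e.g. `Object` and `WeakMap`
// cannot be reassigned. Returns the names that were actually hardened.
function hardenGlobals(globalObj, names) {
  const done = [];
  for (const name of names) {
    const desc = Object.getOwnPropertyDescriptor(globalObj, name);
    if (!desc || !('value' in desc)) continue; // absent or accessor: skip
    Object.defineProperty(globalObj, name, {
      value: desc.value,
      writable: false,
      enumerable: desc.enumerable,
      configurable: false,
    });
    done.push(name);
  }
  return done;
}

// Try the three ways a script could replace a global and record which
// still succeed. Strict mode makes the failures throw instead of being
// silently ignored, so the outcome is observable.
function probeReassignment(globalObj, name) {
  'use strict';
  const original = globalObj[name];
  const results = {};
  try { globalObj[name] = function () {}; results.assign = 'ok'; }
  catch (e) { results.assign = e.constructor.name; }
  try {
    Object.defineProperty(globalObj, name, { value: function () {} });
    results.redefine = 'ok';
  } catch (e) { results.redefine = e.constructor.name; }
  try { delete globalObj[name]; results.delete = 'ok'; }
  catch (e) { results.delete = e.constructor.name; }
  results.intact = globalObj[name] === original;
  return results;
}

// Constructed stand-in for the global object (assumption: a plain record
// holding the same built-ins) so the demo leaves the real globalThis
// untouched; hardenGlobals works on globalThis the same way.
function demo() {
  const loose = { Object, WeakMap, Function };
  const before = probeReassignment(loose, 'WeakMap'); // everything 'ok'
  const hardened = { Object, WeakMap, Function };
  hardenGlobals(hardened, ['Object', 'WeakMap', 'Function']);
  const after = probeReassignment(hardened, 'WeakMap'); // all 'TypeError'
  return { before, after };
}
```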