On Fri, Jan 6, 2012 at 9:27 AM, Andrea Giammarchi <
andrea.giammar...@gmail.com> wrote:
> that whole variable can be redefined or used as communication channel ...
> I really don't understand what is the problem.
The variable "Object"? No, in SES that's unassignable. As layered on ES5,
we enforce that simply by making globalObject.Object a non-writable
non-configurable data property.
>
> The returned bound once object could be frozen without problems but if the
> function is private with the gist I have posted:
>
Essentially yes. The returned bound object would have to be transitively
immutable, but in this case freeze may be enough. Of course, this can't be
a fix to "bind" since that would break bind's current behavior. But if it
were a new API as you suggest, that would no longer violate any principles,
I believe.
Separately, I do not believe the need for this is adequate to justify
adding a new API. But that's a completely different topic.
>
> 1. you cannot redefine Object.prototype at all
> 2. you cannot access single bound function/object from any other place
>
> If I have my own scope I want to do what's needed, this does not mean the
> problem does not exist, isn't it?
>
> In your case you have, as example, different problems with that WeakMap
>
> 1. everyone can WeakMap = function () {}; anywhere
>
Again, no they can't because all whitelisted global variables are
unassignable.
> 2. if already defined, the definition of Object getOwnPropertyDescriptor
> to avoid access to that "protected" variable will fail and throw an error
> ... isn't it? That does not look safe either
> 3. as you wrote, Proxy easily discover that secret
> 4. your implementation has same problem I am talking about ... trapped
> "protected/private" stuff others should not see
>
> Same stuff with my problem except even proxy won't be able to retrieve
> that bound function since no property is attached.
>
> I can't hardly believe you are so worried about an edge case and you don't
> see the pachyderm we are all dealing with ... properties attached and
> accessible "from everyone" ... this is for you safe?
>
> Is obj.bound = obj.method.bind(obj) a better approach than the one I am
> suggesting ?
>
> I am sorry but I don't think so.
>
I don't think the benefits you explain are worth the cost of a new API. But
that's separate from the security issue.
>
> Best Regards
>
>
> On Fri, Jan 6, 2012 at 6:03 PM, Mark S. Miller <erig...@google.com> wrote:
>
>> On Fri, Jan 6, 2012 at 1:50 AM, David Bruant <bruan...@gmail.com> wrote:
>>
>>> Le 06/01/2012 10:40, Andrea Giammarchi a écrit :
>>>
>>> if WeakMaps are so smart ... it means we cannot shim them without
>>> causing leaks in non WeakMap ready browsers since no magic will
>>> happen,objects as keys will simply be persistent in the WeakMap private
>>> scope
>>>
>>> Indeed. Also, Mark Miller mentionned a couple of times that the SES
>>> polyfill [1] leaks less than one could expect. I haven't taken the time to
>>> look into that but it's probably worth mentionning.
>>>
>>
>> And it's probably worth looking into ;)
>>
>>
>>> [1]
>>> http://code.google.com/p/es-lab/source/browse/trunk/src/ses/WeakMap.js
>>>
>>>
>>>
>> --
>> Cheers,
>> --MarkM
>>
>
>
--
Cheers,
--MarkM
_______________________________________________
es-discuss mailing list
es-discuss@mozilla.org
https://mail.mozilla.org/listinfo/es-discuss
