[e-lang] makeProxy reveals implicit sendOnly

[Kevin Reid]

We had concluded that makeProxy ( http://wiki.erights.org/wiki/ 
Proxy ) is a safe object.

I now notice that authority to define a proxy handler is authority to  
distinguish E.send from E.sendOnly on the proxy.

Is this acceptable?

I had understood that it is intended that <- is optimized to sendOnly  
when the result is not used; if so, then either the conditions for  
this optimization must be well-defined, or makeProxy must be unsafe.

-- 
Kevin Reid                            <http://homepage.mac.com/kpreid/>