[e-lang] Rights amplification without transfering flow of control in Caja or ADsafe
david.hopwood at industrial-designers.co.uk
Sat May 17 18:29:14 CDT 2008
David-Sarah Hopwood wrote:
> Tyler Close wrote:
>> must securely recognize its created promises, without transferring
>> flow of control to an untrusted object. For example, consider the
>> implementation of Q.when(promise, ...). The when() implementation must
>> queue an observer on the private list of observers inside the provided
>> promise object. The implementation can't just call a method on the
>> provided promise object, because it might be an untrusted object that
>> makes an immediate call or throws an exception. I had been recognizing
>> promises by checking the value of the 'constructor' property, but both
>> ADsafe and Caja forbid access to this member. Is there some other way
>> to perform rights amplification without transferring flow of control
>> in Caja and ADsafe?
> The suggestion I made (for a different reason) in
Wrong URL; I meant
> would also solve this problem, I think:
> # Suppose that _$post, _$get, _$when etc. were defined on Object.prototype,
> # ambient authority to set or define properties with names starting '_$'.
> # Assume that the ref_send library is granted explicit authority to set
> # these properties on Object.prototype.
More information about the e-lang