On 30/08/2010 23:12, Mark S. Miller wrote:
> May crash your browser or page:
FWIW, it didn't crash Chrome 5 on Windows. Hard to know if it worked
> <http://es-lab.googlecode.com/svn/trunk/src/ses/index.html>Sources at
> This has only been lightly tested and should */*not*/* be relied on to
> have any security properties yet.
> The claim I working up to is that, on a securable ES5 implementation
> (<http://code.google.com/p/es-lab/wiki/SecureableES5>), these scripts
> create an SES environment
> (<http://code.google.com/p/es-lab/wiki/SecureEcmaScript>) implementing
> the object-capability security model and solving the safe mashup problem
> Unfortunately, since there is not yet any full browser-based
> implementations of ES5, the present state of these scripts have various
> compromises that preserves their functionality but loses security. These
> are documented in the various files under "KLUDGE SWITCHES". With these
> kludges, from *extremely* light testing, it seems to work on the latest
> * Firefox Minefield 4.0b5pre,
> * Safari WebKit Nightly Version 5.0.1 (5533.17.8, r66356), and
> * Chromium beta 6.0.490.0 (3135).
> As soon as I get my VMWare installation fixed, I'll test on the IE9
> preview as well. Opera 10.61.8429 does not yet implement
> Object.getOwnPropertyNames, so I can't even test there.
> This implementation of SES cannot run on ES5/3
> as is because of the lack of a client side eval. The current plan is to
> support SES5/3 directly, rather than porting these scripts to run on ES5/3.
> Like ADsafe, this is all implemented by a lightweight client-side
> library, with no server-side support need. Minified, the total size of
> the download comes in under 5k. Because it does not parse or transform
> code, aside from calls to "eval" or the "Function" constructor, the
> untrusted code runs at full speed and with no code expansion. Due to
> various transient problems, the safe eval is currently called "eval2"
> and "eval" remains unsafe.
> Interestingly, this library contains a surprising faithful emulation of
> WeakMaps on ES5 browsers that don't support WeakMaps directly
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff