On Feb 2, 2010, at 6:23 PM, Kris Kowal wrote:

Different module contexts may have different module ID resolvers, so for example it would be possible for host environments to provide a SecureESContext that didn't allow identifiers to resolve to the "filesystem" module or the "dom" module.

This verbiage implies black-listing.  It would be good to be clear
that the object formerly known as a "module context" should be
explicitly populated with a white-list of module instances for SES.

Agreed, and good point.

Oprah moment: something about the way you wrote makes me want to plead for goodwill assumptions in our informal exchanges. No one on the committee is trying to open up capability leaks or introduce ambient authority. I doubt anyone is unfamiliar with the problems of blacklisting. It seemed clear to me that Dave was not specifying rigorously, just giving two examples.

(Ok, group hug :-P.)

/be

_______________________________________________
es-discuss mailing list
es-discuss@mozilla.org
https://mail.mozilla.org/listinfo/es-discuss

Reply via email to