OK but if it's about being able to break an environment caller would be at the end of a list of problems :-/
On Fri, Mar 8, 2013 at 2:51 PM, Brandon Benvie <bben...@mozilla.com> wrote: > As an example of the security vulnerabilities possibly exposed by being > able able to get the caller, look to V8's somewhat recently fixed > toString/valueOf caller that exposed the internal operator functions like > MUL, DIV, etc. Unpatchable (by something like Caja) communication channels, > capability leaks abound. http://bbenvie.com/articles/** > 2012-08-29/Interview-With-the-**All-Stars-From-V8-s-runtime-**js-<http://bbenvie.com/articles/2012-08-29/Interview-With-the-All-Stars-From-V8-s-runtime-js-> > > ______________________________**_________________ > es-discuss mailing list > es-discuss@mozilla.org > https://mail.mozilla.org/**listinfo/es-discuss<https://mail.mozilla.org/listinfo/es-discuss> >
_______________________________________________ es-discuss mailing list es-discuss@mozilla.org https://mail.mozilla.org/listinfo/es-discuss
