*If* you know your scripts will run first and *if* it is acceptable to deny external scripts the ability to modify built-ins, you could consider using SES. https://code.google.com/p/es-lab/wiki/SecureEcmaScript
On Wed, Mar 13, 2013 at 9:32 AM, Benjamin Kalman <[email protected]> wrote:
>
> On Wed, Mar 13, 2013 at 9:07 AM, Jakob Kummerow <[email protected]> wrote:
>
>> Well, but "too hard to implement" is not the reason. You're not asking
>> how you can implement monkey-patching; you're asking how you can
>> stop/limit/blacklist/undo/circumvent it because it's harmful. The way I see
>> it, the platform is shooting itself in the foot, repeatedly, but it gets
>> angry at us when we suggest to take away its gun.
>>
>
> I'm just saying it's more like taking away its motorbike - people use them
> because they're fun and easy to get around with, but they'll probably hurt
> you some day - and it's not our job to ban motorbikes but to design roads
> that are safe for them.
>
> Metaphor explosion.
>
>>> Lastly - I am not really sure about how harmony proxies work, but it
>>> sounds like we're told after they change not before they change? If not,
>>> that would certainly be a neater solution than what we're doing for JSON
>>> (saving function references on load), but I can see it getting messy with
>>> prototypes.
>>>
>>
>> I guess the best you can do is before you hand the context over to the
>> extension, create a copy of all the library functions/objects you care
>> about. Then you can restore that as necessary when control comes back to
>> your code. It should be possible to package this behavior relatively
>> nicely; maybe a custom alternate global object helps (so you wouldn't have
>> to restore anything, you'd just mechanically
>> s/Array/original_global.Array/g in your code). You don't need proxies for
>> this, nor any other way to observe what the extension is mucking with.
>>
>
> I tried that sort of thing actually, but ultimately it doesn't seem
> possible to prevent our code from doing things like "var schemas = []"
> instead of "var schemas = original_global.Array()" - and it's unrealistic
> for us to remember to do that everywhere. It's how I arrived at running in
> a separate context being the only way to do this that protects us against
> ourselves. There's also a chicken-egg problem where you can override
> Function.prototype.call and we're totally screwed (umm, hopefully
> extensions wouldn't do that).
>
> --
> --
> v8-users mailing list
> [email protected]
> http://groups.google.com/group/v8-users
> ---
> You received this message because you are subscribed to the Google Groups
> "v8-users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected].
> For more options, visit https://groups.google.com/groups/opt_out.
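
The three options weighed in this thread (saved references, freezing built-ins before other scripts run, and a separate context), compared side by side as an added example that is not code from any participant. It assumes Node.js, whose `vm` module stands in for the embedder's V8 contexts; the script strings are constructed stand-ins for the extension and the platform code.

```javascript
// Added example, not code from the thread. Node's vm module exposes V8
// contexts; each context has its own Array, Function.prototype, and so on.
const vm = require('node:vm');

// Constructed stand-in for an extension that monkey-patches a built-in.
const EXTENSION = `Array.prototype.push = function () { return 'hijacked'; };`;
// Constructed platform code that forgot original_global and used a literal.
const LITERAL = `var schemas = []; schemas.push('a'); schemas.length;`;
// Constructed platform code that saved a reference on load and always uses it.
const SAVE = `var original_push = Array.prototype.push;`;
const CAREFUL = `var s = []; original_push.call(s, 'a'); s.length;`;

// Run scripts in order inside one context; return the last completion value.
function runAll(ctx, ...scripts) {
  let result;
  for (const src of scripts) result = vm.runInContext(src, ctx);
  return result;
}

// Shared context, saved reference: safe only where the saved name is used,
// and it still depends on an unpatched Function.prototype.call.
function sharedContext() {
  const ctx = vm.createContext({});
  runAll(ctx, SAVE, EXTENSION);
  return { literal: runAll(ctx, LITERAL), careful: runAll(ctx, CAREFUL) };
}

// Platform runs first and freezes the built-in (plain Object.freeze, not the
// SES API). The sloppy-mode assignment in EXTENSION then fails silently.
function frozenFirst() {
  const ctx = vm.createContext({});
  return runAll(ctx, `Object.freeze(Array.prototype);`, EXTENSION, LITERAL);
}

// Separate contexts: the extension only patches its own Array.prototype.
function separateContexts() {
  const extensionCtx = vm.createContext({});
  const platformCtx = vm.createContext({});
  runAll(extensionCtx, EXTENSION);
  return runAll(platformCtx, LITERAL);
}

console.log(sharedContext(), frozenFirst(), separateContexts());
```

In the shared context the array literal ends up with length 0 because `push` was replaced, while the frozen and separate-context variants both report length 1.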
