Object Capability Security
Rafael Ferreira
var Creature = function () {...}
var TheCreator = { make: function() { var creature = new Creature }}
Parenthood
var Creature = function () {...}
var TheCreator = { make: function() { var creature = new Creature }}
make: function() { var reference = ... var newObject = { ... var copy = reference } }
Endowment
make: function() { var reference = ... var newObject = { ... var copy = reference } }
meet: function() { var someObject = ... var otherObject = ... someObject.doSomething(otherObject)}
Introduction
meet: function() { var someObject = ... var otherObject = ... someObject.doSomething(otherObject)}
this.reference = window .document .getElementById("farmWarsDiv")
Ambient
this.reference = window .document .getElementById("farmWarsDiv")
Ambient
this.reference = window .document .getElementById("farmWarsDiv")
X
Only connectivity begets connectivity
Object Capability
· Memory Safety· No global actions· No magic objects· Encapsulation
The reference graph is the access graph
Object Capability
· Memory Safety· No global actions· No magic objects· Encapsulation
Object Capability
· Memory Safety· No global actions· No magic objects· Encapsulation
Javascript
EcmaScript.Next
· “use strict;”
· Object.freeze
· Module System· Safe Eval
· Proxies
Caretaker
= { updateStatus: function(message)}
StatusUpdater