funsec mailing list archives
Re: JavaScript: A Tool, A Weapon
From: B Potter <gdead () shmoo com>
Date: Sat, 5 Jan 2008 09:01:30 -0500
On Jan 5, 2008, at 3:36 AM, coderman wrote:
On Jan 4, 2008 1:24 PM, <Valdis.Kletnieks () vt edu> wrote:...I was whining about the Javascript sandbox being basically busticated...the trick is to use a bigger sandbox. virtual machines for browser appliances with distinct sessions and address space is good thing; just heavy weight at the moment...
There are other interesting ways to solve some JS problems. If you haven't already, you might want to take a look at Google's Caja project.
http://code.google.com/p/google-caja/Basically, it's capabilities-based JavaScript that can be implemented with the existing JS language.
later bruce _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- JavaScript: A Tool, A Weapon Paul Ferguson (Jan 03)
- Re: JavaScript: A Tool, A Weapon silky (Jan 04)
- Re: JavaScript: A Tool, A Weapon Valdis . Kletnieks (Jan 04)
- Re: JavaScript: A Tool, A Weapon coderman (Jan 05)
- Re: JavaScript: A Tool, A Weapon B Potter (Jan 05)
- Re: JavaScript: A Tool, A Weapon Valdis . Kletnieks (Jan 04)
- RE: JavaScript: A Tool, A Weapon Hubbard, Dan (Jan 04)
- Re: JavaScript: A Tool, A Weapon silky (Jan 04)
- Re: JavaScript: A Tool, A Weapon Rob, grandpa of Ryan, Trevor, Devon & Hannah (Jan 05)
- <Possible follow-ups>
- Re: JavaScript: A Tool, A Weapon Paul Ferguson (Jan 05)
- Re: JavaScript: A Tool, A Weapon Rob, grandpa of Ryan, Trevor, Devon & Hannah (Jan 05)