Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(ses): tame Symbol so whitelist works #1579

Merged
merged 2 commits into from
May 31, 2023
Merged

feat(ses): tame Symbol so whitelist works #1579

merged 2 commits into from
May 31, 2023

Conversation

erights
Copy link
Contributor

@erights erights commented May 4, 2023

Fixes #1577

If the ses shim initializes on a platform in which Symbol contains non-configurable properties absent from the whitelist, lockdown will effectively succeed at deleting them anyway.

This is a concern because later versions of the language, as well as bespoke variations, may add symbols whose meaning is currently unknown. The symbols themselves would be safe, be we should know what behavior they unlock before making them generally available.

@erights erights requested review from kriskowal and mhofman May 4, 2023 23:06
@erights erights self-assigned this May 4, 2023
@erights erights force-pushed the markm-1577-symbol-repair branch from 31c66ea to 8da7e0b Compare May 4, 2023 23:07
kriskowal
kriskowal reviewed May 4, 2023
View reviewed changes
Copy link
Member

@kriskowal kriskowal left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should we leave the globalThis.Symbol in tact so that the application, being in a position of maximum host powers, has the option of delegating any symbol to a compartment and only provide a different, shared Symbol in compartments?

packages/ses/src/lockdown-shim.js Outdated Show resolved Hide resolved
@erights erights requested a review from kriskowal May 5, 2023 05:02
@erights erights force-pushed the markm-1577-symbol-repair branch from 93ce41e to 927848c Compare May 20, 2023 20:45
@mhofman mhofman mentioned this pull request May 26, 2023
Open
@erights erights force-pushed the markm-1577-symbol-repair branch from 927848c to 882f8d5 Compare May 31, 2023 00:56
@erights erights requested a review from gibson042 May 31, 2023 01:16
@erights erights merged commit 19180f6 into master May 31, 2023
@erights erights deleted the markm-1577-symbol-repair branch May 31, 2023 05:55
mhofman pushed a commit that referenced this pull request Jun 27, 2023
@erights @mhofman
Merge pull request #1579 from endojs/markm-1577-symbol-repair
eff8a30 
feat(ses): tame Symbol so whitelist works

(cherry picked from commit 19180f6)
This was referenced Dec 4, 2023
Closed
Merged
@erights erights mentioned this pull request Dec 8, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kriskowal kriskowal kriskowal approved these changes

@mhofman mhofman Awaiting requested review from mhofman

@gibson042 gibson042 Awaiting requested review from gibson042

Assignees

@erights erights

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Shared Symbol intrinsic
3 participants
@erights @kriskowal @gibson042