POLA Would Have Prevented the Event-Stream Incident

15 views
Skip to first unread message

Mark Miller

unread,
Dec 3, 2018, 5:36:07 PM12/3/18
to Discussion of E and other capability languages, cap-...@googlegroups.com, Google Caja Discuss
The npm / event-stream incident is the perfect teaching moment for POLA (Principle of Least Authority), and for the need to support least authority for JavaScript libraries.
https://medium.com/agoric/pola-would-have-prevented-the-event-stream-incident-45653ecbda99 by Kate Sills (cc'ed) explains the point. The SES system Kate refers to is https://github.com/Agoric/SES , a reconstruction of the essence of the SES in Caja, redone for modern JavaScript. The other links at the end of Kate's article are also worth following. In particular:

Securing EcmaScript, presentation to Node Security
https://www.youtube.com/watch?v=9Snbss_tawI&list=PLKr-mvz8uvUgybLg53lgXSeLOp4BiwvB2 is my presentation explaining many of these issues *prior to* this particular incident.

At the recent (November 2018) tc39 meeting, I presented on the enhancements needed to support least authority for JavaScript modules and libraries, adequate to have prevented this incident.

Besides es-discuss
would be a good place to discuss these issues.

--
  Cheers,
  --MarkM
Reply all
Reply to author
Forward
0 new messages