Jaws - coming soon - testers and advice wanted

Joe Armstrong (AL/EAB) <>
Mon Feb 20 13:43:58 CET 2006

No - javascript is executed on the client - never the server. Nothing
you can do on the client can damange the sever
*provided* the server code is safely compiled.
I guess I omitted to say that in my "safe" mode of compilation
*everything* is compiled with a safety wrapper (ie including
BIFs) - thus 
    apply(M, F, A) is transformed to safe:do(erlang, apply, [M,F,A])
   list_to_atom(X) to safe:do(erlang, list_to_atom, [X])
   Then safe:do/3 can be written with any policy you like - to enable or
disable more or less risky operations


[mailto:] On Behalf Of Alex Arnon
	Sent: den 20 februari 2006 12:49
	Subject: Re: Jaws - coming soon - testers and advice wanted
	Could the Javascript apply(...) binding cause new atoms to be
created? In that case, wouldn't that constitute a security hazard?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20060220/6baf265c/attachment.html>

More information about the erlang-questions mailing list