FlowSafe: Difference between revisions

124 bytes added, 25 March 2010
 
(4 intermediate revisions by 2 users not shown)
Line 18: Line 18:


# Add <code>JSTrustLabel</code> to the JS API, a union of <code>JSPrincipals</code> (trust labels replace principals)
# Add <code>JSTrustLabel</code> to the JS API, a union of <code>JSPrincipals</code> (trust labels replace principals)
# Have [https://developer.mozilla.org/En/SpiderMonkey/Internals/Property_cache#Shape shapes] imply trust labels so that distinct origins get different shapes for standard objects, equivalent property list patterns, etc.
# Extend <code>JSExtendedClass</code> to delegate <code>typeof</code> so we can build <code>LabeledPrimitiveValue</code> wrappers for primitives
## Also need to rebox results of all primitive operators, e.g. <code>-x</code> for <code>x = new LabeledPrimitiveValue(42)</code> should be a <code>LabeledPrimitiveValue</code> instance, not the number <code>-42</code>
# <code>JSScript</code> has a <code>JSTrustLabel</code>
# <code>JSScript</code> has a <code>JSTrustLabel</code>
# Interpreter <code>pc</code> has a <code>JSTrustLabel</code>
# Interpreter <code>pc</code> has a <code>JSTrustLabel</code>
# Variable objects (even those optimized away) have a <code>JSTrustLabel</code>
# Extend <code>JSExtendedClass</code> to delegate <code>typeof</code> so we can build <code>LabeledValue</code> wrappers for primitives
## Also need to rebox results of all primitive operators, e.g. <code>-x</code> for <code>x = new LabeledValue(42)</code> should be a <code>LabeledValue</code> instance, not the number <code>-42</code>
# Have [https://developer.mozilla.org/En/SpiderMonkey/Internals/Property_cache#Shape shapes] imply trust labels so that distinct origins get different shapes for standard objects, equivalent property list patterns, etc.
## So objects have trust labels because objects have shapes
## Beware shapeless objects (dense arrays, certain "host objects")
## Cormac's semantics requires labeled references too, another use-case for <code>LabeledValue</code>
# Add policy JS API that allows custom assignment, control flow branching, and input/output policy decision points -- does this mean SSA in one pass?
# Add policy JS API that allows custom assignment, control flow branching, and input/output policy decision points -- does this mean SSA in one pass?
# Add shell functions for testing and write tests
# Add shell functions for testing and write tests
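Review bot: The sub-item "Beware shapeless objects (dense arrays, certain "host objects")" names an exception to "objects have trust labels because objects have shapes" but does not say where such an object's label comes from, so the plan leaves a class of objects with no stated label source. Either state how a shapeless object gets its <code>JSTrustLabel</code>, or mark the item as an open question. Separately, "Cormac's semantics requires labeled references too, another use-case for <code>LabeledValue</code>" sits under the shapes item, although it concerns the <code>LabeledValue</code> wrapper introduced in the item above it; moving it under that item would keep each requirement next to the mechanism it relies on.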
Line 30: Line 32:
# Declassify primitive TBD, defer for now
# Declassify primitive TBD, defer for now


--[[User:Brendan|Brendan]] 02:07, 6 August 2009 (UTC)
--[[User:Brendan|Brendan]] 01:43, 31 October 2009 (UTC)


===References===
===References===


[http://slang.soe.ucsc.edu/cormac/papers/plas09.pdf Efficient Purely-Dynamic Information Flow Analysis (PLAS '09)]
[http://slang.soe.ucsc.edu/cormac/papers/plas09.pdf Efficient Purely-Dynamic Information Flow Analysis (PLAS '09)]