On XSnap, switch from using sloppy eval to using the builtin compartment evaluator #2480
Assignees
Labels
blocked_by_XSupgrade
items that require an XS upgrade before they can be solved.
endo
needs-design
ses
vaults_triage
DO NOT USE
xsnap
the XS execution tool
Comments
|
It's not obvious to me how we would do this, so I'm adding the design label. |
3 tasks
|
See also endojs/endo#730 , which is dup-ish, but we're keeping both open for now. |
aj-agoric
added
the
blocked_by_XSupgrade
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
endojs/endo#31 is an example of a bug we simple cannot fix as long as we're using the eight magic lines of code to safely evaluate. XSnap has compartments whose semantics started us on our compartment semantics. But currently we're not using their builtin compartments yet because of all the semantic gaps on modules and import namespaces that we need to reconcile.
However, those builtin compartments do have per-compartment globals and per-compartment
evalandFunctionthat work according to SES rules, which have not drifted. Even though the modules/imports issue mean we still need to build our own compartments or their for now, we could directly use their evaluator for confined execution. This would fix endojs/endo#31 and is really the only practical way to fix it.The text was updated successfully, but these errors were encountered: