Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Some tweaks to index #2

Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

Some tweaks to index #2

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
1ded5c2
Some tweaks to index
mhofman Jul 10, 2024
90160b6
Merge branch 'main' into mhofman-update-index
kriskowal Jul 10, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 4 additions & 4 deletions src/content/docs/index.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ Hardened JavaScript is a [standards
track](https://github.com/tc39/proposal-ses) mode for the JavaScript language
for safe plugin systems and supply chain attack resistance.
Hardening JavaScript improves a program’s integrity in the face of
adversarial code in the same process.
adversarial code in the same Realm.
Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

technically if adversarial code runs in another non locked down realm of the same process/agent, it could measure timing. Of course the ability run adversarial code in such a realm would need to exist in the first place.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe we can link https://github.com/tc39/how-we-work/blob/main/terminology.md#realm


## Mechanisms

Expand Down Expand Up @@ -113,7 +113,7 @@ lockdown();
let counter = 0;
const capability = harden({
inc() {
counter++;
return counter++;
},
});

Expand Down Expand Up @@ -167,7 +167,7 @@ console.log(capability.inc()); // 2
## Boundaries

Hardened JavaScript does not protect the availability of a program.
Any party in the same realm, regardless of compartment isolation, can drop into
Any party in the same agent, regardless of compartment isolation, can drop into
Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

again this assumes that there exists multiple realms.

Copy link
Member

@kriskowal kriskowal Jul 10, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Since this document’s audience includes folks who aren’t intimate with the term “agent”, can I suggest “process”? I think “agent” and even “worker” suffer a distinction, where the spectre/meltdown mitigation needs a bona fide process boundary and a host could even have multiple “agent clusters” in a single process.

an infinite loop and prevent all other parties from making progress.
Hardened JavaScript combines well with carefully chosen process or worker
boundaries.
Expand All @@ -177,7 +177,7 @@ timers and shared state between compartments.
Each compartment’s global object has only certain _hardened, shared intrinsics_
with other compartments, including `Object`, `Array`, `Date`, and `Math`, but
lockdown ensures that `new Date()`, `Date.now()`, and `Math.random()` do not
work.
work in the locked down Realm.
The compartment global object does not get any other properties from the host
(web browser or Node.js) like `performance`.
Without these features, a confined program can’t use timing side channels
Expand Down