In ECMAScript, a realm consists of a global object and an associated set of primordial objects – mutable objects like Array.prototype that must exist before any code runs. Objects within a realm implicitly share these primordials and can therefore easily disrupt each other by primordial poisoning – modifying these objects to behave badly. This disruption may happen accidentally or maliciously. Today, in the browser, realms can be created via same origin iframes. On creation, these realms are separate from each other. However, to achieve this separation, each realm needs its own primordials, making this separation too expensive to be used at fine grain.
Though initially separate, realms can be brought into intimate contact with each other via host-provided APIs. For example, in current browsers, same-origin iframes bring realms into direct contact with each other’s objects. Once such realms are in contact, the mutability of primordials enables an object in one realm to poison the prototypes of the other realms.
Mark S. Miller is the main designer of the E and Dr. SES distributed object-capability programming languages, inventor of Miller Columns, a pioneer of agoric (market-based secure distributed) computing, an architect of the Xanadu hypertext publishing system, a representative to the EcmaScript committee, and one of Yedalog’s creators.
Conference DayMon 18 JulDisplayed time zone: Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna change
13:50 - 15:20
Mark MillerGoogle Inc.
|Towards Enabling Low-Level Memory Optimisations at the High-Level with Ownership Annotations|
Juliana FrancoImperial College London, Tobias WrigstadUppsala University, Sophia DrossopoulouImperial College LondonPre-print
| Objects as Session-Typed Processes|