Ben Laurie:
I’ve been running a team at Google for a while now, implementing capabilities in Javascript....a Caja program will run without modification on a standard Javascript interpreter - though it won’t be secure, of course! When it is compiled then, like CaPerl, the result is standard Javascript that enforces capability security. What does this mean? It means that Web apps can embed untrusted third party code without concern that it might compromise either the application’s or the user’s security...I’m very excited about this project and the involvement of some world class capability experts, including Mark Miller (of E fame) who is a full-time member of the Caja development team.
This could possibly be a very important development. I haven't delved into Caja, but I know some members know all there is to know, so perhaps they can enlighten us about the details...
Recent comments
27 weeks 5 days ago
27 weeks 5 days ago
27 weeks 5 days ago
49 weeks 6 days ago
1 year 2 weeks ago
1 year 3 weeks ago
1 year 3 weeks ago
1 year 6 weeks ago
1 year 10 weeks ago
1 year 11 weeks ago