Skip to content

Commit

Permalink
✏️ fix 2021 notes
Browse files Browse the repository at this point in the history
  • Loading branch information
ctcpip committed Oct 19, 2023
1 parent 9cfaadd commit c7a26da
Show file tree
Hide file tree
Showing 24 changed files with 2,089 additions and 1,901 deletions.
2 changes: 1 addition & 1 deletion .markdownlint-cli2.jsonc
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@
"ignores": [
"node_modules/**",
"meetings/201*/*.md",
"meetings/202[0-1]*/*.md",
"meetings/2020*/*.md",
"scripts/test-samples/*"
]
}
203 changes: 107 additions & 96 deletions meetings/2021-01/jan-25.md

Large diffs are not rendered by default.

125 changes: 62 additions & 63 deletions meetings/2021-01/jan-26.md

Large diffs are not rendered by default.

146 changes: 78 additions & 68 deletions meetings/2021-01/jan-27.md

Large diffs are not rendered by default.

260 changes: 131 additions & 129 deletions meetings/2021-01/jan-28.md

Large diffs are not rendered by default.

148 changes: 78 additions & 70 deletions meetings/2021-03/mar-10.md

Large diffs are not rendered by default.

225 changes: 126 additions & 99 deletions meetings/2021-03/mar-9.md

Large diffs are not rendered by default.

122 changes: 57 additions & 65 deletions meetings/2021-04/apr-19.md

Large diffs are not rendered by default.

116 changes: 57 additions & 59 deletions meetings/2021-04/apr-20.md

Large diffs are not rendered by default.

381 changes: 190 additions & 191 deletions meetings/2021-04/apr-21.md

Large diffs are not rendered by default.

255 changes: 140 additions & 115 deletions meetings/2021-05/may-25.md

Large diffs are not rendered by default.

242 changes: 124 additions & 118 deletions meetings/2021-05/may-26.md

Large diffs are not rendered by default.

221 changes: 112 additions & 109 deletions meetings/2021-07/july-13.md

Large diffs are not rendered by default.

94 changes: 45 additions & 49 deletions meetings/2021-07/july-14.md

Large diffs are not rendered by default.

223 changes: 107 additions & 116 deletions meetings/2021-07/july-15.md

Large diffs are not rendered by default.

223 changes: 122 additions & 101 deletions meetings/2021-08/aug-31.md

Large diffs are not rendered by default.

114 changes: 61 additions & 53 deletions meetings/2021-08/sept-01.md

Large diffs are not rendered by default.

164 changes: 89 additions & 75 deletions meetings/2021-10/oct-25.md

Large diffs are not rendered by default.

253 changes: 137 additions & 116 deletions meetings/2021-10/oct-26.md

Large diffs are not rendered by default.

178 changes: 101 additions & 77 deletions meetings/2021-10/oct-27.md

Large diffs are not rendered by default.

223 changes: 128 additions & 95 deletions meetings/2021-10/oct-28.md

Large diffs are not rendered by default.

32 changes: 16 additions & 16 deletions meetings/2021-12/dec-14.md

Large diffs are not rendered by default.

38 changes: 19 additions & 19 deletions meetings/2021-12/dec-15.md

Large diffs are not rendered by default.

2 changes: 1 addition & 1 deletion meetings/2023-01/jan-30.md
Original file line number Diff line number Diff line change
Expand Up @@ -596,7 +596,7 @@ RPR: I think we can move on. The first question is from JHD.

JHD: Yeah, I mean, all the examples in your slides if you opt into a secure mode, you have to know to do that - and if you know to do that, then you also salt your keys, or use `Object.create(null)` or `{ __proto__ null }`, or use a `Map` or something. Unless you turn on the mode by default, I don’t think it would really achieve any of the goals you want. node, for example, already has a flag that lets you remove the `__proto__` accessor and you can run it with that - but lots of arbitrary modules in the ecosystem rely on the functionality. I’m incredibly confident that trying to do this by default would break the web in sufficient quantities that it wouldn’t be viable. I don’t see a lot of value in if it’s required to be opt in, that said, obviously the exploration area is great. Even though the number of prototype pollution attacks that turn into real exploits is nonzero, I think it’s small, but still worth addressing.I feel like the biggest benefit would be removing a bunch of false positive CVEs from the ecosystem that cost a lot of developers’ time. But either way, I mean, I think it’s worth exploring - that’s a stage 1 concern - but I wanted to share my skepticism.

SYG: Noted. I want to lean on SDZ to provide a more detailed answer here. But I want to respond first to this node flag thing. So our hunch is that we’re not saying we’re going to remove `__proto__` entirely. The idea is that this is a two-parted approach where we realize having .property access to **proto** to .prototype to constructor to keep it working. The way we propose that is with automatic rewriting so we don’t have to manually migrate the entire code base. The other thing about using none prototype objects I think that speaks to the at scale deployment thing. If you had the luxury of time and whatever to basically re rewrite your whole world, then yes you could just never use prototype inheritance at all. That seems a challenge in itself. But at the very least we want to use third party libraries, you can’t really do that. As an application you could opt in the mode. With the automatic rewriting you get the benefits for free. We share your concern. Without the automatic rewriting step that that pure opt in will be difficult to get deploying and working. SDZ, do you have anything to add here?
SYG: Noted. I want to lean on SDZ to provide a more detailed answer here. But I want to respond first to this node flag thing. So our hunch is that we’re not saying we’re going to remove `__proto__` entirely. The idea is that this is a two-parted approach where we realize having .property access to `__proto__` to .prototype to constructor to keep it working. The way we propose that is with automatic rewriting so we don’t have to manually migrate the entire code base. The other thing about using none prototype objects I think that speaks to the at scale deployment thing. If you had the luxury of time and whatever to basically re rewrite your whole world, then yes you could just never use prototype inheritance at all. That seems a challenge in itself. But at the very least we want to use third party libraries, you can’t really do that. As an application you could opt in the mode. With the automatic rewriting you get the benefits for free. We share your concern. Without the automatic rewriting step that that pure opt in will be difficult to get deploying and working. SDZ, do you have anything to add here?

SDZ: Yeah. I want to speak up about the idea of using create null or the literal prototype null as an integration for this. I think it’s important to understand why we think that doesn’t work. We did a few experiments with this. We found a few problems with it. So the first one is you might create an object (inaudible) that doesn’t have any prototype and you think that is secure until some function at to the object might be array or number or string or maybe another object and now that has a prototype prototype, right? What you’re doing is essentially moving the goalpost one level deeper, right? And you really don’t have a way of creating let’s say a string with no prototype or a number with no prototype or array with no prototype. All of which could be polluted if they went into a common practice function. This is code and only protecting one object apart from sort of the issues that you would have in deploying it that is sort of find everywhere where I have an object literal and replace it with this which is granted sort of something that you can do and with the person speaking and saying if you’re willing to do that you are willing to do (inaudible) but I think those would be the strongest reasons why that solution is not good enough.

Expand Down

0 comments on commit c7a26da

Please sign in to comment.