[tor-talk] Programming language for anonymity network
David Rajchenbach-Teller
dteller at mozilla.com
Fri Apr 18 09:34:24 UTC 2014
On 18/04/14 11:30, Aymeric Vitte wrote:
[...]
> - nodejs is easy to audit (assuming that modules like V8 can be
> audited), you can override node's functions/objects if you like
[...]
Actually, in my mind, that's one point against safety of Node.js
applications. Redefining, say, Array.prototype.forEach is a good way to
introduce hard-to-track bugs. Doubly so if this is done silently by
importing a package (almost sure the latter is possible, but I haven't
actually checked).
Cheers,
David
--
David Rajchenbach-Teller, PhD
Performance Team, Mozilla
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20140418/eb699db6/attachment.sig>
More information about the tor-talk
mailing list