contents   index   previous   next



Wrapper Functions And Security

 

Wrapper functions are insecure because they are labeled that way. When you write your own wrapper functions and add them using jseAddLibrary(), you get to label them as either secure or insecure. Remember, if there is any possible way the function could be misused, make it insecure. If you are in doubt about whether a particular function should be labeled secure or insecure, choose insecure.

 

When you are writing a wrapper function, it is possible for it to use jseCallFunction() or jseInterpret() to execute more code. These calls are affected by security. This allows security to propagate. For instance, the ECMAScript function eval() executes a text string as script code exactly like the text string appeared directly in the script. In this case, the wrapper acts just as a pass through, and the code it executes should follow all of the standard security rules. In fact, the ECMAScript eval() function itself is secure; whatever text it executes has the same security as what was already executing. ScriptEase uses this model when you use these two API calls. As a result, the following behavior applies:

 

When calling a function using jseCallFunction(), the call is treated as if the wrapper function's caller was making the call. This means that the calling script function will need to get approval to call the new function. Typically, a wrapper function that just turns around and uses jseCallFunction() is itself secure.

 

jseInterpret() has different behavior depending on the wrapper function itself. If the wrapper function is insecure, then the script run with jseInterpret() starts with no security. If the wrapper function is secure, then jseInterpret() starts with the same security as the calling function.

 

 

So, for instance, ECMAScript eval() is secure as we already mentioned. Thus, when it runs a new script, that script has the existing security restrictions still on it. If the function was labeled insecure, then it has already passed a security check to be able to call it, and it can continue to do dangerous things, so any scripts it interprets are likewise at this high level of security. jseInterpret() allows security to be added using the jseNewSecurity flag. This is on top of whatever security it already has as specified above.


Sample Script