Skip to content
forked from endojs/endo

SES (Secure EcmaScript) is a secure runtime for executing third-party code safely

License

Notifications You must be signed in to change notification settings

MKokeshi/SES-shim

 
 

Repository files navigation

Secure EcmaScript Shim (SES-shim)

build status contributing license

Secure EcmaScript (SES) is an execution environment which provides fine-grained sandboxing via Compartments.

  • Compartments Compartments are separate execution contexts: each one has its own global object and global lexical scope.
  • Frozen realm Compartments share their intrinsics to avoid identity discontinuity. By freezing the intrinsics, SES removes programs abilities to interfere with each other.
  • Strict mode SES enables JavaScript strict mode which enhances security, for example by changing some silent errors into throw errors.
  • POLA (Principle of Least Authority) By default, Compartments receive no ambient authorithy. They are created without host-provided APIs, (for example no XMLHttpRequest).

Learn about the SES specification.

Learn how to use SES in your own project.

Documentation

Installation

This monorepo contains several packages, but project will most likely use either ses or @agoric/harden. Please consult the README from those packages for more details.

Packages

All packages maintained with this monorepo are listed below.

Package Version Description
ses npm Secure ECMAScript.
@agoric/harden npm Build a defensible API surface around an object by freezing all reachable properties.

Examples

Contributing

Branches

master

  • Latest development code.

0.6-stable

  • Original SES code which was build on the realm-shim and still releasable:
$ git checkout 0.6-stable
$ cd packages/ses
$ npm install
$ npm run build

src/index.js → dist/ses.esm.js, dist/ses.cjs.js...
created dist/ses.esm.js, dist/ses.cjs.js in 220ms

src/index.js → dist/ses.umd.js...
created dist/ses.umd.js in 204ms

Bug Disclosure

Please help us practice coordinated security bug disclosure, by using the instructions in our security guide to report security-sensitive bugs privately.

For non-security bugs, please use the regular Issues page.

License

SES is Apache 2.0 licensed.

About

SES (Secure EcmaScript) is a secure runtime for executing third-party code safely

Resources

License

Security policy

Stars

Watchers

Forks

Packages

No packages published

Languages

  • JavaScript 100.0%
  • HTML 0.0%
  • Shell 0.0%
  • Python 0.0%
  • Batchfile 0.0%
  • CSS 0.0%