--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/README	Mon Jun 22 06:51:58 2009 -0700
@@ -0,0 +1,24 @@
+About Spidermonkey Playground
+-----------------------------
+
+This is a simple C/C++ command-line program that embeds SpiderMonkey
+and exposes a number of the JSAPI's functions [1] to a Trusted Code
+Base written in JS.  The goal here is to provide developers with an
+easy way to explore and experiment with JavaScript security models in
+a high-level language before actually implementing one in C/C++.
+
+The playground currently includes a highly experimental implementation
+of SecurableModules [2] that allows for the exportation of
+functionality to a module via require(). It also includes a "membrane"
+or "wrapper" [3] implementation that allows secure membranes to be
+implemented entirely in JavaScript.  It's really just an exposing of
+SpiderMonkey's JSClass/JSExtendedClass [4] to JavaScript, but it
+should allow for pretty flexible enforcement of any kind of desired
+security characteristic, from an Object-Capability Model like that of
+Google Caja [5] to a read-only representation of a DOM structure.
+
+[1] https://developer.mozilla.org/en/SpiderMonkey
+[2] https://wiki.mozilla.org/ServerJS/Modules/SecurableModules
+[3] https://developer.mozilla.org/en/XPConnect_wrappers
+[4] https://developer.mozilla.org/en/SpiderMonkey/JSAPI_Reference/JSClass
+[5] http://code.google.com/p/google-caja/

--- a/spidermonkey-playground.cpp	Mon Jun 22 06:32:32 2009 -0700
+++ b/spidermonkey-playground.cpp	Mon Jun 22 06:51:58 2009 -0700
@@ -10,6 +10,9 @@
 static JSContext *tcb_cx;
 static JSObject  *tcb_global;
 
+// TODO: Make sure we're rooting objects appropriately here so that
+// the interpreter doesn't randomly crash or something.
+
 /* The class of the global object. */
 static JSClass global_class = {
   "global", JSCLASS_GLOBAL_FLAGS,