-
Notifications
You must be signed in to change notification settings - Fork 29.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
doc: add note on weakness of permission model #54268
Merged
nodejs-github-bot
merged 1 commit into
nodejs:main
from
tniessen:doc-permission-model-no-security
Aug 17, 2024
Merged
doc: add note on weakness of permission model #54268
nodejs-github-bot
merged 1 commit into
nodejs:main
from
tniessen:doc-permission-model-no-security
Aug 17, 2024
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
tniessen
added
security
Issues and PRs related to security.
permission
Issues and PRs related to the Permission Model
labels
Aug 8, 2024
Review requested:
|
RafaelGSS
reviewed
Aug 8, 2024
tniessen
force-pushed
the
doc-permission-model-no-security
branch
from
August 13, 2024 09:36
c31c39e
to
3c9de5f
Compare
RafaelGSS
reviewed
Aug 13, 2024
Malicious JavaScript code can bypass the permission model. Hence, it does not fulfill the requirements of a security mechanism against malicious code.
tniessen
force-pushed
the
doc-permission-model-no-security
branch
from
August 14, 2024 09:09
3c9de5f
to
c2f33ba
Compare
RafaelGSS
approved these changes
Aug 14, 2024
tniessen
added
author ready
PRs that have at least one approval, no pending requests for changes, and a CI started.
commit-queue
Add this label to land a pull request using GitHub Actions.
labels
Aug 16, 2024
nodejs-github-bot
removed
the
commit-queue
Add this label to land a pull request using GitHub Actions.
label
Aug 17, 2024
Landed in 97f39eb |
RafaelGSS
pushed a commit
that referenced
this pull request
Aug 19, 2024
Malicious JavaScript code can bypass the permission model. Hence, it does not fulfill the requirements of a security mechanism against malicious code. PR-URL: #54268 Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Merged
RafaelGSS
pushed a commit
that referenced
this pull request
Aug 21, 2024
Malicious JavaScript code can bypass the permission model. Hence, it does not fulfill the requirements of a security mechanism against malicious code. PR-URL: #54268 Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Labels
author ready
PRs that have at least one approval, no pending requests for changes, and a CI started.
doc
Issues and PRs related to the documentations.
permission
Issues and PRs related to the Permission Model
security
Issues and PRs related to security.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Malicious JavaScript code can bypass the permission model. Hence, it does not fulfill the requirements of a security mechanism against malicious code.
Specifically, JavaScript code can interface with libuv through a file descriptor and execute arbitrary native code. This problem was found by @leesh3288 who submitted a well-written report on the security impact of this issue.
(I am not convinced that we should present this feature as a security mechanism at all at this point because I am quite unsure what guarantees it provides, but this PR just adds a remark on malicious code.)