wasi: clearly document sandboxing & file system security status#50396
Closed
guybedford wants to merge 1 commit intonodejs:mainfrom
Closed
wasi: clearly document sandboxing & file system security status#50396guybedford wants to merge 1 commit intonodejs:mainfrom
guybedford wants to merge 1 commit intonodejs:mainfrom
Conversation
Collaborator
|
Review requested:
|
nodejs-github-bot
added
doc
UlisesGascon
approved these changes
Oct 26, 2023
RafaelGSS
reviewed
Oct 26, 2023
| their own custom `env`, `preopens`, `stdin`, `stdout`, `stderr`, and `exit` | ||
| capabilities. | ||
|
|
||
| **The current Node.js threat model does not provide secure sandboxing as is |
Member
There was a problem hiding this comment.
I think we could mention it in the SECURITY.md file
Contributor
Author
There was a problem hiding this comment.
As far as I can tell, this is already covered by the existing thread model definition in SECURITY.md for Node.js, unless we want to explicitly call out WASI there?
jasnell
approved these changes
Oct 28, 2023
guybedford
added
the
commit-queue
guybedford
force-pushed
the
wasi-security
branch
from
f3d1496 to
51b029d
Compare
nodejs-github-bot
added
commit-queue-failed
Collaborator
Commit Queue failed- Loading data for nodejs/node/pull/50396 ✔ Done loading data for nodejs/node/pull/50396 ----------------------------------- PR info ------------------------------------ Title wasi: clearly document sandboxing & file system security status (#50396) ⚠ Could not retrieve the email or name of the PR author's from user's GitHub profile! Branch guybedford:wasi-security -> nodejs:main Labels doc, wasi Commits 1 - wasi: clearly document sandboxing & file system security status Committers 1 - Guy Bedford PR-URL: https://github.com/nodejs/node/pull/50396 Reviewed-By: Michael Dawson Reviewed-By: James M Snell ------------------------------ Generated metadata ------------------------------ PR-URL: https://github.com/nodejs/node/pull/50396 Reviewed-By: Michael Dawson Reviewed-By: James M Snell -------------------------------------------------------------------------------- ⚠ Commits were pushed since the last approving review: ⚠ - wasi: clearly document sandboxing & file system security status ℹ This PR was created on Wed, 25 Oct 2023 18:50:44 GMT ✔ Approvals: 2 ✔ - Michael Dawson (@mhdawson) (TSC): https://github.com/nodejs/node/pull/50396#pullrequestreview-1698108476 ✔ - James M Snell (@jasnell) (TSC): https://github.com/nodejs/node/pull/50396#pullrequestreview-1702811418 ✔ Last GitHub CI successful ℹ Green GitHub CI is sufficient -------------------------------------------------------------------------------- ✔ Aborted `git node land` session in /home/runner/work/node/node/.ncuhttps://github.com/nodejs/node/actions/runs/6713160160 |
guybedford
pushed a commit
that referenced
this pull request
Oct 31, 2023
PR-URL: #50396 Reviewed-By: Michael Dawson <midawson@redhat.com> Reviewed-By: James M Snell <jasnell@gmail.com>
Contributor
Author
|
Landed in ffb326c. |
guybedford
removed
the
commit-queue-failed
alexfernandez
pushed a commit
to alexfernandez/node
that referenced
this pull request
Nov 1, 2023
PR-URL: nodejs#50396 Reviewed-By: Michael Dawson <midawson@redhat.com> Reviewed-By: James M Snell <jasnell@gmail.com>
anonrig
pushed a commit
to anonrig/node
that referenced
this pull request
Nov 9, 2023
PR-URL: nodejs#50396 Reviewed-By: Michael Dawson <midawson@redhat.com> Reviewed-By: James M Snell <jasnell@gmail.com>
targos
pushed a commit
that referenced
this pull request
Nov 11, 2023
PR-URL: #50396 Reviewed-By: Michael Dawson <midawson@redhat.com> Reviewed-By: James M Snell <jasnell@gmail.com>
targos
pushed a commit
that referenced
this pull request
Nov 14, 2023
PR-URL: #50396 Reviewed-By: Michael Dawson <midawson@redhat.com> Reviewed-By: James M Snell <jasnell@gmail.com>
UlisesGascon
pushed a commit
that referenced
this pull request
Dec 11, 2023
PR-URL: #50396 Reviewed-By: Michael Dawson <midawson@redhat.com> Reviewed-By: James M Snell <jasnell@gmail.com>
Merged
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
6 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Currently we use the term "sandbox" in the
node:wasidocumentation, which can be misconstrued as forming a security model.This PR firstly removes the usage of the term "sandbox" and then also updates the docs to include a warning that WASI in Node.js is not a secure capability system and that this is not part of the Node.js threat model. This is very similar to what we already do for the VM module in being clear it does not provide a comprehensive security model for running untrusted code.
Finally, this PR adds a new section on Security to the WASI docs. If we improve the security properties in future, this versioned security documentation can form part of the contract of the implementation so that we can treat the addition of any security guarantees in future as a feature. Perhaps we never get there but it at least leaves the door open to that.
In terms of what would be required to claim our implementation does in fact provide secure sandboxing - the main issue right now is that the filesystem sandboxing is escapable via timing approaches with symlinks. The way to solve this from a security perspective would be to expose the
openatprimitive in libuv and use that to build a secure model. I created a discussion issue for this in libuv/libuv#4167. This would have a slight performance cost, but would form the correct primitive to provide a secure filesystem sandbox.