Feature: Adding extra sandbox to prevent escaping (hence allows malicious code to require/import system modules) #8
No reviewers
Labels
No labels
bug
confirmed
bug
critical
bug
new
community
suggestion
community
support
develop
WIP
feature
content
feature
documentation
feature
enhancement
feature
mechanism
No milestone
No project
No assignees
1 participant
Notifications
Due date
No due date set.
Dependencies
No dependencies set.
Reference
UmaERA/era-electron!8
Loading…
Add table
Add a link
Reference in a new issue
No description provided.
Delete branch "dev"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Introduction
This Merge Request addresses multiple known vulnerabilities that allowed sandbox escape and unauthorized module access through the
requiresystem. These attack vectors include, but are not limited to:module._loadmethod.constructor.constructorto access the globalFunction()constructor and escape the sandboxObjectbehaviorimport()to access restricted system modulesChanges Introduced
vm.runInThisContextin the hostthis.contextandthis.__loaderfor referencing sandbox context and the ESM linker, respectivelyNotes on Prototype Safety
Prototype chains differ between the sandboxed context, the host context, and environments such as
<iframe>, leading to inconsistencies in instanceof behavior. To safely perform type checks, avoid usinginstanceofand use the following strategies instead:Array.isArray(obj)obj instanceof ArrayObject.prototype.toString.call(obj) === '[object Object]'obj instanceof ObjectObject.prototype.toString.call(obj) === '[object Function]'obj instanceof Functiontypeof,isPlainObject, etc.)Or use type-safe strategies that do not rely on prototype chains.
no experimental features
Pull request closed