Permissions bypass exploit #1858
Comments
|
Thanks for reporting - makes sense. Only the "compiler" isolate should have access We don't have a great way to decide which Isolate an op request is coming from at the moment. But I'm refactoring this now, and I will add something so we can branch on it. |
|
After a little thought I decided that It would be a good idea to assign permissions on a per-isolate basis. I already have some working code for this refactor, and it should be beneficial for more than just solving this problem. |
This was referenced Mar 1, 2019
Merged
ry
pushed a commit
that referenced
this issue
Mar 2, 2019
Refactored permissions to be assignable on a per-isolate basis, and added a fix for #1858 to op_fetch_module_meta_data.
|
Fixed in 8c310d3 |
Closed
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I found a direct bypass of the file system permissions checks.
The compiler code is currently designed around a privileged operation
op_fetch_module_meta_datathat can be used to read any file on the host file system or make almost any GET http/https request you want with the hosts connection. Thelibdeno.sendfunction required to send the request to run said operation is available in the global scope of any code executed in the same context.Proof of concept
The text was updated successfully, but these errors were encountered: