-
Notifications
You must be signed in to change notification settings - Fork 5.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Deno.mainModule should not require permissions #7315
Comments
Hmmm... The one "problem" with this is that any module could get information about the local system. We have So personally, I think the permissions should stay, taking the conservative viewpoint, until there is a compelling use case we can't work around reasonably. Actually the point about the stack traces is interesting from a security exploit perspective. I wonder if throwing an error and trapping the trace would expose information about the local file system? |
I hit this problem as well working on Node compatibility - accessing |
Network access would allow for exfiltrating this information. |
Discussed with other team members, we are going to remove requirement for allow read permission on |
Any updates regarding this topic? Thanks |
The value of
Deno.mainModule
is visible in call stacks. In general, we should make it a non-goal to hide information about "calling" code. You can currently hide it from call stacks by moving calls to untrusted code to the top-level of some other insignificant imported module. But the same technique could most likely be used to make sure yourDeno.mainModule
is insignificant.This leaves future opportunities to remove
import.meta.main
in favour ofimport.meta.url == Deno.mainModule
, as was intended by the spec: https://github.com/tc39/proposal-import-meta#am-i-the-main-module. But that means we have to statically substituteDeno.mainModule
in bundles, leaving no way to get the "true" main module which some people won't like (#6344 (comment)). Anyway, that discussion can wait.The text was updated successfully, but these errors were encountered: