Skip to content

Commit

Permalink
doc: mention node:wasi in the Threat Model
Browse files Browse the repository at this point in the history 
PR-URL: #51211
Reviewed-By: Michael Dawson <midawson@redhat.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
  • Loading branch information
@RafaelGSS
RafaelGSS committed Jan 2, 2024
1 parent 83a99cc commit c13a5c0
Showing 1 changed file with 2 additions and 0 deletions.
2 changes: 2 additions & 0 deletions SECURITY.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -124,6 +124,8 @@ lead to a loss of confidentiality, integrity, or availability.
end being on the local machine or remote.
6. The file system when requiring a module.
See <https://nodejs.org/api/modules.html#all-together>.
7. The `node:wasi` module does not currently provide the comprehensive file
system security properties provided by some WASI runtimes.

Any unexpected behavior from the data manipulation from Node.js Internal
functions may be considered a vulnerability if they are exploitable via
Expand Down

0 comments on commit c13a5c0

Please sign in to comment.