diff options
| author | Luca Casonato <hello@lcas.dev> | 2024-09-03 11:24:25 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-09-03 11:24:25 +0200 |
| commit | 5cf97f539bb0c3d2bda918f53cd4a976c03b37e3 (patch) | |
| tree | 82f05b270b3df52609e3d0d6c86a768d1399e257 /cli/args/flags.rs | |
| parent | b5695d02df75719bca0df1aae0622b22761b1533 (diff) | |
BREAKING(permissions): remove --allow-hrtime (#25367)
Remove `--allow-hrtime` and `--deny-hrtime`. We are doing this because
it is already possible to get access to high resolution timers through
workers and SharedArrayBuffer.
Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
Diffstat (limited to 'cli/args/flags.rs')
| -rw-r--r-- | cli/args/flags.rs | 81 |
1 files changed, 4 insertions, 77 deletions
diff --git a/cli/args/flags.rs b/cli/args/flags.rs index 98db40a1e..44f97010f 100644 --- a/cli/args/flags.rs +++ b/cli/args/flags.rs @@ -619,8 +619,6 @@ pub struct PermissionFlags { pub allow_all: bool, pub allow_env: Option<Vec<String>>, pub deny_env: Option<Vec<String>>, - pub allow_hrtime: bool, - pub deny_hrtime: bool, pub allow_ffi: Option<Vec<String>>, pub deny_ffi: Option<Vec<String>>, pub allow_net: Option<Vec<String>>, @@ -641,8 +639,6 @@ impl PermissionFlags { self.allow_all || self.allow_env.is_some() || self.deny_env.is_some() - || self.allow_hrtime - || self.deny_hrtime || self.allow_ffi.is_some() || self.deny_ffi.is_some() || self.allow_net.is_some() @@ -690,8 +686,6 @@ impl PermissionFlags { allow_all: self.allow_all, allow_env: self.allow_env.clone(), deny_env: self.deny_env.clone(), - allow_hrtime: self.allow_hrtime, - deny_hrtime: self.deny_hrtime, allow_net: self.allow_net.clone(), deny_net: self.deny_net.clone(), allow_ffi: convert_option_str_to_path_buf(&self.allow_ffi, initial_cwd)?, @@ -905,14 +899,6 @@ impl Flags { _ => {} } - if self.permissions.allow_hrtime { - args.push("--allow-hrtime".to_string()); - } - - if self.permissions.deny_hrtime { - args.push("--deny-hrtime".to_string()); - } - args } @@ -996,8 +982,6 @@ impl Flags { pub fn has_permission_in_argv(&self) -> bool { self.argv.iter().any(|arg| { arg == "--allow-all" - || arg == "--allow-hrtime" - || arg == "--deny-hrtime" || arg.starts_with("--allow-env") || arg.starts_with("--deny-env") || arg.starts_with("--allow-ffi") @@ -1025,7 +1009,6 @@ impl Flags { self.permissions.allow_write = Some(vec![]); self.permissions.allow_sys = Some(vec![]); self.permissions.allow_ffi = Some(vec![]); - self.permissions.allow_hrtime = true; } pub fn resolve_watch_exclude_set( @@ -1393,7 +1376,6 @@ fn handle_repl_flags(flags: &mut Flags, repl_flags: ReplFlags) { flags.permissions.allow_sys = Some(vec![]); flags.permissions.allow_write = Some(vec![]); flags.permissions.allow_ffi = Some(vec![]); - flags.permissions.allow_hrtime = true; } flags.subcommand = DenoSubcommand::Repl(repl_flags); } @@ -3098,8 +3080,6 @@ Docs: <c>https://docs.deno.com/go/permissions</> <p(245)>--allow-run | --allow-run="whoami,ps"</> <g>--allow-ffi[=<<PATH>...]</> (Unstable) Allow loading dynamic libraries. Optionally specify allowed directories or files. <p(245)>--allow-ffi | --allow-ffi="./libfoo.so"</> - <g>--allow-hrtime</> Allow high-resolution time measurement. Note: this can enable timing attacks and fingerprinting. - <p(245)>--allow-hrtime</> <g> --deny-read[=<<PATH>...]</> Deny file system read access. Optionally specify denied paths. <p(245)>--deny-read | --deny-read="/etc,/var/log.txt"</> <g> --deny-write[=<<PATH>...]</> Deny file system write access. Optionally specify denied paths. @@ -3114,8 +3094,6 @@ Docs: <c>https://docs.deno.com/go/permissions</> <p(245)>--deny-run | --deny-run="whoami,ps"</> <g>--deny-ffi[=<<PATH>...]</> (Unstable) Deny loading dynamic libraries. Optionally specify denied directories or files. <p(245)>--deny-ffi | --deny-ffi="./libfoo.so"</> - <g>--deny-hrtime</> Deny high-resolution time measurement. - <p(245)>--deny-hrtime</> "#)) .arg( Arg::new("allow-all") @@ -3312,14 +3290,14 @@ Docs: <c>https://docs.deno.com/go/permissions</> Arg::new("allow-hrtime") .long("allow-hrtime") .action(ArgAction::SetTrue) - .help("Allow high-resolution time measurement. Note: this can enable timing attacks and fingerprinting") + .help("REMOVED in Deno 2.0") .hide(true), ) .arg( Arg::new("deny-hrtime") .long("deny-hrtime") .action(ArgAction::SetTrue) - .help("Deny high-resolution time measurement. Note: this can prevent timing attacks and fingerprinting") + .help("REMOVED in Deno 2.0") .hide(true), ) .arg( @@ -4802,12 +4780,8 @@ fn permission_args_parse(flags: &mut Flags, matches: &mut ArgMatches) { debug!("ffi denylist: {:#?}", &flags.permissions.deny_ffi); } - if matches.get_flag("allow-hrtime") { - flags.permissions.allow_hrtime = true; - } - - if matches.get_flag("deny-hrtime") { - flags.permissions.deny_hrtime = true; + if matches.get_flag("allow-hrtime") || matches.get_flag("deny-hrtime") { + log::warn!("⚠️ Warning: `allow-hrtime` and `deny-hrtime` have been removed in Deno 2, as high resolution time is now always allowed."); } if matches.get_flag("allow-all") { @@ -5784,7 +5758,6 @@ mod tests { allow_sys: Some(vec![]), allow_write: Some(vec![]), allow_ffi: Some(vec![]), - allow_hrtime: true, ..Default::default() }, code_cache_enabled: true, @@ -5857,44 +5830,6 @@ mod tests { } #[test] - fn allow_hrtime() { - let r = flags_from_vec(svec!["deno", "run", "--allow-hrtime", "gist.ts"]); - assert_eq!( - r.unwrap(), - Flags { - subcommand: DenoSubcommand::Run(RunFlags::new_default( - "gist.ts".to_string(), - )), - permissions: PermissionFlags { - allow_hrtime: true, - ..Default::default() - }, - code_cache_enabled: true, - ..Flags::default() - } - ); - } - - #[test] - fn deny_hrtime() { - let r = flags_from_vec(svec!["deno", "run", "--deny-hrtime", "gist.ts"]); - assert_eq!( - r.unwrap(), - Flags { - subcommand: DenoSubcommand::Run(RunFlags::new_default( - "gist.ts".to_string(), - )), - permissions: PermissionFlags { - deny_hrtime: true, - ..Default::default() - }, - code_cache_enabled: true, - ..Flags::default() - } - ); - } - - #[test] fn double_hyphen() { // notice that flags passed after double dash will not // be parsed to Flags but instead forwarded to @@ -6717,7 +6652,6 @@ mod tests { allow_sys: Some(vec![]), allow_write: Some(vec![]), allow_ffi: Some(vec![]), - allow_hrtime: true, ..Default::default() }, ..Flags::default() @@ -6744,7 +6678,6 @@ mod tests { allow_sys: Some(vec![]), allow_write: Some(vec![]), allow_ffi: Some(vec![]), - allow_hrtime: true, ..Default::default() }, ..Flags::default() @@ -6776,7 +6709,6 @@ mod tests { allow_sys: Some(vec![]), allow_write: Some(vec![]), allow_ffi: Some(vec![]), - allow_hrtime: true, ..Default::default() }, ext: Some("ts".to_string()), @@ -6817,7 +6749,6 @@ mod tests { allow_sys: Some(vec![]), allow_write: Some(vec![]), allow_ffi: Some(vec![]), - allow_hrtime: true, ..Default::default() }, env_file: Some(".example.env".to_owned()), @@ -6852,7 +6783,6 @@ mod tests { allow_sys: Some(vec![]), allow_write: Some(vec![]), allow_ffi: Some(vec![]), - allow_hrtime: true, ..Default::default() }, ..Flags::default() @@ -6886,7 +6816,6 @@ mod tests { deny_write: None, allow_ffi: Some(vec![]), deny_ffi: None, - allow_hrtime: true, ..Default::default() }, ..Flags::default() @@ -6940,7 +6869,6 @@ mod tests { allow_sys: Some(vec![]), allow_write: Some(vec![]), allow_ffi: Some(vec![]), - allow_hrtime: true, ..Default::default() }, env_file: Some(".example.env".to_owned()), @@ -10312,7 +10240,6 @@ mod tests { allow_sys: Some(vec![]), allow_write: Some(vec![]), allow_ffi: Some(vec![]), - allow_hrtime: true, ..Default::default() }, ..Flags::default() |