author | Matt Mastracci <matthew@mastracci.com> | 2024-01-03 16:31:39 -0700 |
---|---|---|
committer | GitHub <noreply@github.com> | 2024-01-04 00:31:39 +0100 |
commit | 00970daea2245bf4af6b3ee21d0e522fec5638b8 (patch) | |
tree | 1c21ab0a4a25124349262d3c97ab1fdce5344521 /ext/websocket/01_websocket.js | |
parent | 7f1c41d245026fe5929f6fb7f60d48cc52d81f2f (diff) |
fix(cli): harden permission stdio check (#21778)

Harden the code that does permission checks to protect against
re-opening of stdin.

Code that runs FFI is vulnerable to an attack where fd 0 is closed
during a permission check and re-opened with a file that contains a
positive response (i.e. `y` or `A`). While FFI code is dangerous in
general, we can make it more difficult for FFI-enabled code to bypass
additional permission checks.

- Checks to see if the underlying file for stdin has changed from the
  start to the end of the permission check (detects races)
- Checks to see if the message is excessively long (lowering the window
  for races)
- Checks to see if stdin and stderr are still terminals at the end of
  the function (making races more difficult)

Diffstat (limited to 'ext/websocket/01_websocket.js')
0 files changed, 0 insertions, 0 deletions
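
The three checks listed in the commit message, sketched as an added Rust example; this is not the code from the commit or from the Deno project. `guarded_prompt`, `fd_identity`, `Decision` and the 1024-byte `MAX_MESSAGE_LEN` are hypothetical names and values, and comparing the Unix (device, inode) pair is an assumed way to detect that the file behind fd 0 changed during the prompt.

```rust
use std::fs::File;
use std::io;
use std::mem::ManuallyDrop;
use std::os::unix::fs::MetadataExt;
use std::os::unix::io::{FromRawFd, RawFd};

const MAX_MESSAGE_LEN: usize = 1024; // constructed limit, not the project's value

#[derive(Debug, PartialEq)]
enum Decision { Granted, Denied }

/// (device, inode) of whatever file currently sits behind `fd`.
fn fd_identity(fd: RawFd) -> io::Result<(u64, u64)> {
    // ManuallyDrop borrows the descriptor for fstat without closing it on drop.
    let f = ManuallyDrop::new(unsafe { File::from_raw_fd(fd) });
    let m = f.metadata()?;
    Ok((m.dev(), m.ino()))
}

/// Runs `ask` between two identity snapshots and two terminal checks.
fn guarded_prompt(
    message: &str,
    identity: impl Fn() -> io::Result<(u64, u64)>,
    is_tty: impl Fn() -> bool,
    ask: impl FnOnce(&str) -> String,
) -> Decision {
    // An overlong message widens the race window, so refuse it up front.
    if message.len() > MAX_MESSAGE_LEN || !is_tty() {
        return Decision::Denied;
    }
    let before = match identity() { Ok(id) => id, Err(_) => return Decision::Denied };
    let reply = ask(message);
    // A descriptor re-opened during the prompt reports a different (dev, ino).
    match identity() {
        Ok(after) if after == before && is_tty() => {}
        _ => return Decision::Denied,
    }
    if matches!(reply.trim(), "y" | "A") { Decision::Granted } else { Decision::Denied }
}

fn main() {
    use std::io::{BufRead, IsTerminal, Write};
    let tty = || io::stdin().is_terminal() && io::stderr().is_terminal();
    let ask = |m: &str| {
        eprint!("{m}");
        io::stderr().flush().ok();
        let mut s = String::new();
        io::stdin().lock().read_line(&mut s).ok();
        s
    };
    println!("{:?}", guarded_prompt("Allow access? [y/n] ", || fd_identity(0), tty, ask));
}
```

Run with stdin redirected from a file and the result is `Denied` even if the file contains `y`, because the terminal check fails before any reply is read.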