Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

src,permission: add multiple allow-fs-* flags #49047

Merged
merged 7 commits into from
Aug 17, 2023

Conversation

Ceres6
Copy link
Contributor

@Ceres6 Ceres6 commented Aug 6, 2023

Breaking change: Support for a single comma separates list for allow-fs-* flags is removed.

This means that

--alow-fs-read=/path/to/file.txt,/other/file/path.txt

Will be interpreted as a single file.

When using a single flag and including commas in said flag a warning will be emitted explaining the change.

Instead now multiple flags can be passed to allow multiple paths.

--allow-fs-read=/path/to/file.txt --allow-fs-read=/other/file/path.txt

Will allow access to both paths.

Fixes: nodejs/security-wg#1039

@nodejs-github-bot
Copy link
Collaborator

Review requested:

  • @nodejs/security-wg

@nodejs-github-bot nodejs-github-bot added c++ Issues and PRs that require attention from people who are familiar with C++. lib / src Issues and PRs related to general changes in the lib or src directory. needs-ci PRs that need a full CI run. labels Aug 6, 2023
Copy link
Member

@RafaelGSS RafaelGSS left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we have a test for the warning too?

doc/api/cli.md Outdated Show resolved Hide resolved
lib/internal/process/pre_execution.js Outdated Show resolved Hide resolved
lib/internal/process/pre_execution.js Outdated Show resolved Hide resolved
lib/internal/process/pre_execution.js Outdated Show resolved Hide resolved
lib/internal/process/pre_execution.js Outdated Show resolved Hide resolved
src/node_options.h Show resolved Hide resolved
@tniessen tniessen added the permission Issues and PRs related to the Permission Model label Aug 10, 2023
@Ceres6
Copy link
Contributor Author

Ceres6 commented Aug 10, 2023

Copy link
Member

@richardlau richardlau left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Possibly add changes metadata to the YAML blocks? e.g.

changes:
  - version: REPLACEME
    pr-url: https://github.com/nodejs/node/pull/49047
    description: Paths delimited by comma (`,`) are no longer allowed.

doc/api/cli.md Outdated
* Multiple paths can be allowed using multiple `--allow-fs-read` flags.
Example `--allow-fs-read=/folder1/ --allow-fs-read=/folder1/`

NOTE: Paths delimited by comma (`,`) are no longer allowed.
Copy link
Member

@richardlau richardlau Aug 10, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This could also be added as changes metadata in the YAML block above.

* Multiple paths can be allowed using multiple `--allow-fs-read` flags.
Example `--allow-fs-read=/folder1/ --allow-fs-read=/folder1/`

Paths delimited by comma (`,`) are no longer allowed.
Copy link
Member

@richardlau richardlau Aug 10, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This could also be added as changes metadata in the YAML block above.

@Ceres6 Ceres6 requested review from richardlau and RafaelGSS August 10, 2023 21:22
@RafaelGSS RafaelGSS added the request-ci Add this label to start a Jenkins CI on a PR. label Aug 11, 2023
@github-actions github-actions bot removed the request-ci Add this label to start a Jenkins CI on a PR. label Aug 11, 2023
@nodejs-github-bot
Copy link
Collaborator

Copy link
Member

@RafaelGSS RafaelGSS left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

One import left

src/permission/fs_permission.cc Outdated Show resolved Hide resolved
@RafaelGSS RafaelGSS added the commit-queue-squash Add this label to instruct the Commit Queue to squash all the PR commits into the first one. label Aug 11, 2023
@Ceres6 Ceres6 requested a review from RafaelGSS August 11, 2023 16:34
@RafaelGSS RafaelGSS added the request-ci Add this label to start a Jenkins CI on a PR. label Aug 11, 2023
@github-actions github-actions bot removed the request-ci Add this label to start a Jenkins CI on a PR. label Aug 11, 2023
@nodejs-github-bot
Copy link
Collaborator

@RafaelGSS
Copy link
Member

It seems the machines are broken. I'll wait a bit to request another CI.

@RafaelGSS RafaelGSS added the request-ci Add this label to start a Jenkins CI on a PR. label Aug 12, 2023
@github-actions github-actions bot removed the request-ci Add this label to start a Jenkins CI on a PR. label Aug 12, 2023
@nodejs-github-bot

This comment was marked as outdated.

@RafaelGSS RafaelGSS added the request-ci Add this label to start a Jenkins CI on a PR. label Aug 12, 2023
@github-actions github-actions bot removed the request-ci Add this label to start a Jenkins CI on a PR. label Aug 12, 2023
@nodejs-github-bot
Copy link
Collaborator

Ceres6 and others added 4 commits August 12, 2023 21:36
Support for a single comma separates list for allow-fs-* flags is
removed. Instead now multiple flags can be passed to allow multiple
paths.

Fixes: nodejs/security-wg#1039
Co-authored-by: Rafael Gonzaga <rafael.nunu@hotmail.com>
Co-authored-by: Rafael Gonzaga <rafael.nunu@hotmail.com>
UlisesGascon added a commit that referenced this pull request Sep 13, 2023
Notable changes:

crypto:
  * update root certificates to NSS 3.93 (Node.js GitHub Bot) #49341
doc:
  * move and rename loaders section (Geoffrey Booth) #49261
  * add release key for Ulises Gascon (Ulises Gascón) #49196
lib:
  * (SEMVER-MINOR) add api to detect whether source-maps are enabled (翠 / green) #46391
src:
  * support multiple `--env-file` declarations (Yagiz Nizipli) #49542
src,permission:
  * add multiple allow-fs-* flags (Carlos Espa) #49047
test_runner:
  * (SEMVER-MINOR) expose location of tests (Colin Ihrig) #48975

PR-URL: #49592
UlisesGascon added a commit that referenced this pull request Sep 13, 2023
Notable changes:

crypto:
  * update root certificates to NSS 3.93 (Node.js GitHub Bot) #49341
doc:
  * move and rename loaders section (Geoffrey Booth) #49261
  * add release key for Ulises Gascon (Ulises Gascón) #49196
lib:
  * (SEMVER-MINOR) add api to detect whether source-maps are enabled (翠 / green) #46391
src:
  * support multiple `--env-file` declarations (Yagiz Nizipli) #49542
src,permission:
  * add multiple allow-fs-* flags (Carlos Espa) #49047
test_runner:
  * (SEMVER-MINOR) expose location of tests (Colin Ihrig) #48975

PR-URL: #49592
UlisesGascon added a commit that referenced this pull request Sep 16, 2023
Notable changes:

crypto:
  * update root certificates to NSS 3.93 (Node.js GitHub Bot) #49341
doc:
  * move and rename loaders section (Geoffrey Booth) #49261
  * add release key for Ulises Gascon (Ulises Gascón) #49196
lib:
  * (SEMVER-MINOR) add api to detect whether source-maps are enabled (翠 / green) #46391
src:
  * support multiple `--env-file` declarations (Yagiz Nizipli) #49542
src,permission:
  * add multiple allow-fs-* flags (Carlos Espa) #49047
test_runner:
  * (SEMVER-MINOR) expose location of tests (Colin Ihrig) #48975

PR-URL: #49592
UlisesGascon added a commit that referenced this pull request Sep 18, 2023
Notable changes:

crypto:
  * update root certificates to NSS 3.93 (Node.js GitHub Bot) #49341
deps:
  * upgrade npm to 10.0.0 (npm team) #49423
  * upgrade npm to 10.1.0 (npm team) #49570
doc:
  * move and rename loaders section (Geoffrey Booth) #49261
  * add release key for Ulises Gascon (Ulises Gascón) #49196
lib:
  * (SEMVER-MINOR) add api to detect whether source-maps are enabled (翠 / green) #46391
src:
  * support multiple `--env-file` declarations (Yagiz Nizipli) #49542
src,permission:
  * add multiple allow-fs-* flags (Carlos Espa) #49047
test_runner:
  * (SEMVER-MINOR) expose location of tests (Colin Ihrig) #48975

PR-URL: #49592
UlisesGascon added a commit that referenced this pull request Sep 18, 2023
Notable changes:

crypto:
  * update root certificates to NSS 3.93 (Node.js GitHub Bot) #49341
deps:
  * upgrade npm to 10.1.0 (npm team) #49570
  * upgrade npm to 10.0.0 (npm team) #49423
doc:
  * move and rename loaders section (Geoffrey Booth) #49261
  * add release key for Ulises Gascon (Ulises Gascón) #49196
lib:
  * (SEMVER-MINOR) add api to detect whether source-maps are enabled (翠 / green) #46391
src:
  * support multiple `--env-file` declarations (Yagiz Nizipli) #49542
src,permission:
  * add multiple allow-fs-* flags (Carlos Espa) #49047
test_runner:
  * (SEMVER-MINOR) expose location of tests (Colin Ihrig) #48975

PR-URL: #49592
UlisesGascon added a commit to UlisesGascon/node that referenced this pull request Sep 18, 2023
Notable changes:

crypto:
  * update root certificates to NSS 3.93 (Node.js GitHub Bot) nodejs#49341
deps:
  * upgrade npm to 10.1.0 (npm team) nodejs#49570
  * upgrade npm to 10.0.0 (npm team) nodejs#49423
doc:
  * move and rename loaders section (Geoffrey Booth) nodejs#49261
  * add release key for Ulises Gascon (Ulises Gascón) nodejs#49196
lib:
  * (SEMVER-MINOR) add api to detect whether source-maps are enabled (翠 / green) nodejs#46391
src:
  * support multiple `--env-file` declarations (Yagiz Nizipli) nodejs#49542
src,permission:
  * add multiple allow-fs-* flags (Carlos Espa) nodejs#49047
test_runner:
  * (SEMVER-MINOR) expose location of tests (Colin Ihrig) nodejs#48975

PR-URL: nodejs#49592
alexfernandez pushed a commit to alexfernandez/node that referenced this pull request Nov 1, 2023
Notable changes:

crypto:
  * update root certificates to NSS 3.93 (Node.js GitHub Bot) nodejs#49341
deps:
  * upgrade npm to 10.1.0 (npm team) nodejs#49570
  * upgrade npm to 10.0.0 (npm team) nodejs#49423
doc:
  * move and rename loaders section (Geoffrey Booth) nodejs#49261
  * add release key for Ulises Gascon (Ulises Gascón) nodejs#49196
lib:
  * (SEMVER-MINOR) add api to detect whether source-maps are enabled (翠 / green) nodejs#46391
src:
  * support multiple `--env-file` declarations (Yagiz Nizipli) nodejs#49542
src,permission:
  * add multiple allow-fs-* flags (Carlos Espa) nodejs#49047
test_runner:
  * (SEMVER-MINOR) expose location of tests (Colin Ihrig) nodejs#48975

PR-URL: nodejs#49592
tniessen added a commit to tniessen/node that referenced this pull request Nov 10, 2023
The use of string_view and subsequent copying to a string was supposed
to be a minor optimization in 640a7918, however, since 413c16e, no
string splitting occurs anymore. Therefore, we can simply pass around
some references instead of using string_view or copying strings.

Refs: nodejs#48491
Refs: nodejs#49047
tniessen added a commit to tniessen/node that referenced this pull request Nov 17, 2023
The use of string_view and subsequent copying to a string was supposed
to be a minor optimization in 640a7918, however, since 413c16e, no
string splitting occurs anymore. Therefore, we can simply pass around
some references instead of using string_view or copying strings.

Refs: nodejs#48491
Refs: nodejs#49047
nodejs-github-bot pushed a commit that referenced this pull request Nov 19, 2023
The use of string_view and subsequent copying to a string was supposed
to be a minor optimization in 640a7918, however, since 413c16e, no
string splitting occurs anymore. Therefore, we can simply pass around
some references instead of using string_view or copying strings.

Refs: #48491
Refs: #49047
PR-URL: #50662
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
tniessen added a commit to tniessen/node that referenced this pull request Nov 21, 2023
nodejs-github-bot pushed a commit that referenced this pull request Nov 22, 2023
Refs: #49047
PR-URL: #50845
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Vinícius Lourenço Claro Cardoso <contact@viniciusl.com.br>
Reviewed-By: Deokjin Kim <deokjin81.kim@gmail.com>
targos pushed a commit that referenced this pull request Nov 23, 2023
The use of string_view and subsequent copying to a string was supposed
to be a minor optimization in 640a7918, however, since 413c16e, no
string splitting occurs anymore. Therefore, we can simply pass around
some references instead of using string_view or copying strings.

Refs: #48491
Refs: #49047
PR-URL: #50662
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
targos pushed a commit that referenced this pull request Nov 23, 2023
Refs: #49047
PR-URL: #50845
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Vinícius Lourenço Claro Cardoso <contact@viniciusl.com.br>
Reviewed-By: Deokjin Kim <deokjin81.kim@gmail.com>
martenrichter pushed a commit to martenrichter/node that referenced this pull request Nov 26, 2023
The use of string_view and subsequent copying to a string was supposed
to be a minor optimization in 640a7918, however, since 413c16e, no
string splitting occurs anymore. Therefore, we can simply pass around
some references instead of using string_view or copying strings.

Refs: nodejs#48491
Refs: nodejs#49047
PR-URL: nodejs#50662
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
martenrichter pushed a commit to martenrichter/node that referenced this pull request Nov 26, 2023
Refs: nodejs#49047
PR-URL: nodejs#50845
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Vinícius Lourenço Claro Cardoso <contact@viniciusl.com.br>
Reviewed-By: Deokjin Kim <deokjin81.kim@gmail.com>
lucshi pushed a commit to lucshi/node that referenced this pull request Nov 27, 2023
The use of string_view and subsequent copying to a string was supposed
to be a minor optimization in 640a7918, however, since 413c16e, no
string splitting occurs anymore. Therefore, we can simply pass around
some references instead of using string_view or copying strings.

Refs: nodejs#48491
Refs: nodejs#49047
PR-URL: nodejs#50662
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
lucshi pushed a commit to lucshi/node that referenced this pull request Nov 27, 2023
Refs: nodejs#49047
PR-URL: nodejs#50845
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Vinícius Lourenço Claro Cardoso <contact@viniciusl.com.br>
Reviewed-By: Deokjin Kim <deokjin81.kim@gmail.com>
RafaelGSS pushed a commit that referenced this pull request Nov 29, 2023
The use of string_view and subsequent copying to a string was supposed
to be a minor optimization in 640a7918, however, since 413c16e, no
string splitting occurs anymore. Therefore, we can simply pass around
some references instead of using string_view or copying strings.

Refs: #48491
Refs: #49047
PR-URL: #50662
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
RafaelGSS pushed a commit that referenced this pull request Nov 29, 2023
Refs: #49047
PR-URL: #50845
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Vinícius Lourenço Claro Cardoso <contact@viniciusl.com.br>
Reviewed-By: Deokjin Kim <deokjin81.kim@gmail.com>
RafaelGSS pushed a commit that referenced this pull request Nov 30, 2023
The use of string_view and subsequent copying to a string was supposed
to be a minor optimization in 640a7918, however, since 413c16e, no
string splitting occurs anymore. Therefore, we can simply pass around
some references instead of using string_view or copying strings.

Refs: #48491
Refs: #49047
PR-URL: #50662
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
RafaelGSS pushed a commit that referenced this pull request Nov 30, 2023
Refs: #49047
PR-URL: #50845
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Vinícius Lourenço Claro Cardoso <contact@viniciusl.com.br>
Reviewed-By: Deokjin Kim <deokjin81.kim@gmail.com>
UlisesGascon pushed a commit that referenced this pull request Dec 11, 2023
The use of string_view and subsequent copying to a string was supposed
to be a minor optimization in 640a7918, however, since 413c16e, no
string splitting occurs anymore. Therefore, we can simply pass around
some references instead of using string_view or copying strings.

Refs: #48491
Refs: #49047
PR-URL: #50662
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
UlisesGascon pushed a commit that referenced this pull request Dec 11, 2023
Refs: #49047
PR-URL: #50845
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Vinícius Lourenço Claro Cardoso <contact@viniciusl.com.br>
Reviewed-By: Deokjin Kim <deokjin81.kim@gmail.com>
UlisesGascon pushed a commit that referenced this pull request Dec 13, 2023
Refs: #49047
PR-URL: #50845
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Vinícius Lourenço Claro Cardoso <contact@viniciusl.com.br>
Reviewed-By: Deokjin Kim <deokjin81.kim@gmail.com>
UlisesGascon pushed a commit that referenced this pull request Dec 15, 2023
Refs: #49047
PR-URL: #50845
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Vinícius Lourenço Claro Cardoso <contact@viniciusl.com.br>
Reviewed-By: Deokjin Kim <deokjin81.kim@gmail.com>
UlisesGascon pushed a commit that referenced this pull request Dec 19, 2023
The use of string_view and subsequent copying to a string was supposed
to be a minor optimization in 640a7918, however, since 413c16e, no
string splitting occurs anymore. Therefore, we can simply pass around
some references instead of using string_view or copying strings.

Refs: #48491
Refs: #49047
PR-URL: #50662
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
UlisesGascon pushed a commit that referenced this pull request Dec 19, 2023
Refs: #49047
PR-URL: #50845
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Vinícius Lourenço Claro Cardoso <contact@viniciusl.com.br>
Reviewed-By: Deokjin Kim <deokjin81.kim@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
c++ Issues and PRs that require attention from people who are familiar with C++. commit-queue-squash Add this label to instruct the Commit Queue to squash all the PR commits into the first one. dont-land-on-v18.x PRs that should not land on the v18.x-staging branch and should not be released in v18.x. lib / src Issues and PRs related to general changes in the lib or src directory. needs-ci PRs that need a full CI run. notable-change PRs with changes that should be highlighted in changelogs. permission Issues and PRs related to the Permission Model
Projects
None yet
Development

Successfully merging this pull request may close these issues.

How to includes "," or "*" char self in --allow-fs-read?
6 participants