View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0012660 | MMW 5 | General | public | 2015-03-18 15:17 | 2022-04-21 22:37 |
| Reporter | jiri | Assigned To | |||
| Priority | high | Severity | minor | Reproducibility | N/A |
| Status | feedback | Resolution | open | ||
| Summary | 0012660: Sandboxing | ||||
| Description | Since MM API will expose features that could be exploited for dangerous operations (e.g. filesystem access), it would be useful to consider sandboxing options at least for some features. Currently all scripts use 'app' object to access MM API, this would require a token to be delivered to scripts on their start (e.g. a random number), later used to access some features, e.g. like app.secure(token).filesystem.delete(xxx). Note that the core JS code (our own) would probably need some randomization, in order to not let scripts to use its token. E.g. all source JS files could access the secure object as app.secure_default.xxx and the string 'app.secure_default' would be replaced in all JS files to some randomized version (like app.secure_GAJGNSCNAZX). Note that some tricks might be needed in order to properly hide our secure object, e.g. to overwrite Function.prototype.toString and to make our secure object non-enumerable. Currently, just some ideas for further thoughts... | ||||
| Tags | No tags attached. | ||||
| Fixed in build | |||||
