Improve desktop security by isolating Electron
Enable `contextIsolation` in Electron to securely expose a limited set of Node.js APIs to the renderer process. It: 1. Isolates renderer and main process contexts. It ensures that the powerful main process functions aren't directly accessible from renderer process(es), adding a security boundary. 2. Mitigates remote exploitation risks. By isolating contexts, potential malicious code injections in the renderer can't directly reach and compromise the main process. 3. Reduces attack surface. 4. Protect against prototype pollution: It prevents tampering of JavaScript object prototypes in one context from affecting another context, improving app reliability and security. Supporting changes include: - Extract environment and system operations classes to the infrastructure layer. This removes node dependencies from core domain and application code. - Introduce `ISystemOperations` to encapsulate OS interactions. Use it from `CodeRunner` to isolate node API usage. - Add a preloader script to inject validated environment variables into renderer context. This keeps Electron integration details encapsulated. - Add new sanity check to fail fast on issues with preloader injected variables. - Improve test coverage of runtime sanity checks and environment components. Move validation logic into separate classes for Single Responsibility. - Improve absent value test case generation.
This commit is contained in:
undergroundwires
@@ -1,25 +1,27 @@
|
||||
import os from 'os';
|
||||
import path from 'path';
|
||||
import fs from 'fs';
|
||||
import child_process from 'child_process';
|
||||
import { Environment } from '@/application/Environment/Environment';
|
||||
import { Environment } from '@/infrastructure/Environment/Environment';
|
||||
import { OperatingSystem } from '@/domain/OperatingSystem';
|
||||
|
||||
export class CodeRunner {
|
||||
constructor(
|
||||
private readonly node = getNodeJs(),
|
||||
private readonly environment = Environment.CurrentEnvironment,
|
||||
) {
|
||||
if (!environment.system) {
|
||||
throw new Error('missing system operations');
|
||||
}
|
||||
}
|
||||
|
||||
public async runCode(code: string, folderName: string, fileExtension: string): Promise<void> {
|
||||
const dir = this.node.path.join(this.node.os.tmpdir(), folderName);
|
||||
await this.node.fs.promises.mkdir(dir, { recursive: true });
|
||||
const filePath = this.node.path.join(dir, `run.${fileExtension}`);
|
||||
await this.node.fs.promises.writeFile(filePath, code);
|
||||
await this.node.fs.promises.chmod(filePath, '755');
|
||||
const { system } = this.environment;
|
||||
const dir = system.location.combinePaths(
|
||||
system.operatingSystem.getTempDirectory(),
|
||||
folderName,
|
||||
);
|
||||
await system.fileSystem.createDirectory(dir, true);
|
||||
const filePath = system.location.combinePaths(dir, `run.${fileExtension}`);
|
||||
await system.fileSystem.writeToFile(filePath, code);
|
||||
await system.fileSystem.setFilePermissions(filePath, '755');
|
||||
const command = getExecuteCommand(filePath, this.environment);
|
||||
this.node.child_process.exec(command);
|
||||
system.command.execute(command);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -38,43 +40,3 @@ function getExecuteCommand(scriptPath: string, environment: Environment): string
|
||||
throw Error(`unsupported os: ${OperatingSystem[environment.os]}`);
|
||||
}
|
||||
}
|
||||
|
||||
function getNodeJs(): INodeJs {
|
||||
return {
|
||||
os, path, fs, child_process,
|
||||
};
|
||||
}
|
||||
|
||||
export interface INodeJs {
|
||||
os: INodeOs;
|
||||
path: INodePath;
|
||||
fs: INodeFs;
|
||||
// eslint-disable-next-line camelcase
|
||||
child_process: INodeChildProcess;
|
||||
}
|
||||
|
||||
export interface INodeOs {
|
||||
tmpdir(): string;
|
||||
}
|
||||
|
||||
export interface INodePath {
|
||||
join(...paths: string[]): string;
|
||||
}
|
||||
|
||||
export interface INodeChildProcess {
|
||||
exec(command: string): void;
|
||||
}
|
||||
|
||||
export interface INodeFs {
|
||||
readonly promises: INodeFsPromises;
|
||||
}
|
||||
|
||||
interface INodeFsPromisesMakeDirectoryOptions {
|
||||
recursive?: boolean;
|
||||
}
|
||||
|
||||
interface INodeFsPromises { // https://github.com/DefinitelyTyped/DefinitelyTyped/blob/master/types/node/v13/fs.d.ts
|
||||
chmod(path: string, mode: string | number): Promise<void>;
|
||||
mkdir(path: string, options: INodeFsPromisesMakeDirectoryOptions): Promise<string>;
|
||||
writeFile(path: string, data: string): Promise<void>;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user