1
0
Fork 0
mirror of https://github.com/denoland/deno.git synced 2025-01-22 15:10:44 -05:00
denoland-deno/runtime
Matt Mastracci 00970daea2
fix(cli): harden permission stdio check (#21778)
Harden the code that does permission checks to protect against
re-opening of stdin.

Code that runs FFI is vulnerable to an attack where fd 0 is closed
during a permission check and re-opened with a file that contains a
positive response (ie: `y` or `A`). While FFI code is dangerous in
general, we can make it more difficult for FFI-enabled code to bypass
additional permission checks.

- Checks to see if the underlying file for stdin has changed from the
start to the end of the permission check (detects races)
- Checks to see if the message is excessively long (lowering the window
for races)
- Checks to see if stdin and stderr are still terminals at the end of
the function (making races more difficult)
2024-01-04 00:31:39 +01:00
..
examples chore: update copyright to 2024 (#21753) 2024-01-01 19:58:21 +00:00
js Revert "fix(runtime): Make native modal keyboard interaction consistent with browsers" (#21739) 2024-01-02 09:36:05 +05:30
ops Revert "fix(runtime): Make native modal keyboard interaction consistent with browsers" (#21739) 2024-01-02 09:36:05 +05:30
permissions fix(cli): harden permission stdio check (#21778) 2024-01-04 00:31:39 +01:00
build.rs chore: update copyright to 2024 (#21753) 2024-01-01 19:58:21 +00:00
Cargo.toml Revert "fix(runtime): Make native modal keyboard interaction consistent with browsers" (#21739) 2024-01-02 09:36:05 +05:30
clippy.toml feat(compile): unstable npm and node specifier support (#19005) 2023-05-10 20:06:59 -04:00
colors.rs chore: update copyright to 2024 (#21753) 2024-01-01 19:58:21 +00:00
errors.rs chore: update copyright to 2024 (#21753) 2024-01-01 19:58:21 +00:00
fmt_errors.rs chore: update copyright to 2024 (#21753) 2024-01-01 19:58:21 +00:00
fs_util.rs chore: update copyright to 2024 (#21753) 2024-01-01 19:58:21 +00:00
inspector_server.rs chore: update copyright to 2024 (#21753) 2024-01-01 19:58:21 +00:00
js.rs chore: update copyright to 2024 (#21753) 2024-01-01 19:58:21 +00:00
lib.rs chore: update copyright to 2024 (#21753) 2024-01-01 19:58:21 +00:00
README.md fix (doc): Typo in runtime/README.md (#20020) 2023-12-13 17:24:32 +00:00
shared.rs chore: update copyright to 2024 (#21753) 2024-01-01 19:58:21 +00:00
snapshot.rs chore: update copyright to 2024 (#21753) 2024-01-01 19:58:21 +00:00
tokio_util.rs chore: update copyright to 2024 (#21753) 2024-01-01 19:58:21 +00:00
web_worker.rs chore: update copyright to 2024 (#21753) 2024-01-01 19:58:21 +00:00
worker.rs chore: update copyright to 2024 (#21753) 2024-01-01 19:58:21 +00:00
worker_bootstrap.rs chore: update copyright to 2024 (#21753) 2024-01-01 19:58:21 +00:00

deno_runtime crate

crates docs

This is a slim version of the Deno CLI which removes typescript integration and various tooling (like lint and doc). Basically only JavaScript execution with Deno's operating system bindings (ops).

Stability

This crate is built using battle-tested modules that were originally in the deno crate, however the API of this crate is subject to rapid and breaking changes.

MainWorker

The main API of this crate is MainWorker. MainWorker is a structure encapsulating deno_core::JsRuntime with a set of ops used to implement Deno namespace.

When creating a MainWorker implementors must call MainWorker::bootstrap to prepare JS runtime for use.

MainWorker is highly configurable and allows to customize many of the runtime's properties:

  • module loading implementation
  • error formatting
  • support for source maps
  • support for V8 inspector and Chrome Devtools debugger
  • HTTP client user agent, CA certificate
  • random number generator seed

Worker Web API

deno_runtime comes with support for Worker Web API. The Worker API is implemented using WebWorker structure.

When creating a new instance of MainWorker implementors must provide a callback function that is used when creating a new instance of Worker.

All WebWorker instances are descendents of MainWorker which is responsible for setting up communication with child worker. Each WebWorker spawns a new OS thread that is dedicated solely to that worker.