Posted to issues@cordova.apache.org by GitBox <gi...@apache.org> on 2020/08/06 09:02:35 UTC

[GitHub] [cordova-plugin-file] breautek commented on issue #276: Question Regarding Restricting FileSystem Access to certain parts of the code

breautek commented on issue #276:
URL: https://github.com/apache/cordova-plugin-file/issues/276#issuecomment-669806385


   The feature you're talking about is essentially what SELinux or AppArmor is for Linux, in which developers can set a set of profiles that essentially describe what their app can or cannot access. I.e., if the app has no business touching the file system, the developer can configure a policy that prevents the app from using filesystem APIs... so should there be an exploit through the application, the exploit cannot be used to read or write to the filesystem, thus limiting the attack vector.
   
   Unfortunately, JavaScript in general has no concept of this. If an exploit allowed a malicious attack to be able to execute arbitrary JavaScript in a Cordova environment, it can find/import a path to the file system APIs (or any other Cordova/application API). You can't prevent/filter JS execution from the JS environment.
   
   However, I think it might be possible to implement something similar to this as a Cordova feature to say "my app will only read/write to this set of files/directories" and restrict the app from accessing any other file. It'd be important to understand that this would not protect you from malicious actors accessing files that you would want your app to access, but it could help prevent your app being abused (in the event of a zero-day exploit) to limit the attack vector.
   
   This kind of feature would be a pretty large job, so I don't foresee this happening anytime soon (especially since this was originally asked in 2018....) but this kind of discussion would be more appropriate for the [dev mailing list](https://cordova.apache.org/contact/).


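
One way the directory allowlist described in the comment above could be checked, as an added example that is not part of the original comment or of cordova-plugin-file. The class name `PathAllowlist` and the sample directories are hypothetical, and the check is written in Java on the assumption that it would run in the plugin's native Android layer, since the comment notes that it cannot be enforced from JavaScript.

```java
import java.io.IOException;
import java.nio.file.*;
import java.util.ArrayList;
import java.util.List;

// Hypothetical policy check (added example, not cordova-plugin-file code).
public final class PathAllowlist {
    private final List<Path> roots = new ArrayList<>();

    public PathAllowlist(String... allowedDirs) throws IOException {
        for (String dir : allowedDirs)
            roots.add(Paths.get(dir).toRealPath()); // resolve symlinks in the roots once
    }

    // Resolve symlinks on the longest existing prefix, then append the remaining
    // (not yet created) components, so a new file is judged by where it would land.
    private static Path canonical(Path p) throws IOException {
        Path abs = p.toAbsolutePath();
        Path existing = abs;
        // NOFOLLOW_LINKS: a dangling symlink counts as existing, so toRealPath()
        // below throws and the request is denied instead of looking like a new file.
        while (existing != null && !Files.exists(existing, LinkOption.NOFOLLOW_LINKS))
            existing = existing.getParent();
        if (existing == null) return abs.normalize();
        Path real = existing.toRealPath();
        int done = existing.getNameCount(), total = abs.getNameCount();
        if (done < total) real = real.resolve(abs.subpath(done, total));
        return real.normalize(); // collapses ".." left in the non-existent tail
    }

    public boolean isAllowed(String requested) {
        try {
            Path real = canonical(Paths.get(requested));
            for (Path root : roots)
                if (real.startsWith(root)) return true; // component-wise: "files-evil" != "files"
        } catch (IOException | InvalidPathException e) {
            // fail closed on anything that cannot be resolved
        }
        return false;
    }

    public static void main(String[] args) throws IOException {
        Path base = Files.createTempDirectory("allowlist-demo"); // constructed sample layout
        Path files = Files.createDirectories(base.resolve("files"));
        Files.createDirectories(base.resolve("files-evil"));
        PathAllowlist policy = new PathAllowlist(files.toString());
        for (String s : new String[] {"files/notes.txt", "files/../files-evil/x", "files/new/../../etc/passwd"})
            System.out.println(s + " -> " + policy.isAllowed(base.resolve(s).toString()));
    }
}
```

A check like this is separate from the file operation that follows it, so a path can still change between the two; it narrows what a compromised app can reach rather than replacing OS-level confinement such as the SELinux or AppArmor profiles mentioned in the comment.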