X Tutup
The Wayback Machine - https://web.archive.org/web/20220418074102/https://github.com/nodejs/node/issues/42528
Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ShadowRealm Integration #42528

Open
legendecas opened this issue Mar 30, 2022 · 6 comments
Open

ShadowRealm Integration #42528

legendecas opened this issue Mar 30, 2022 · 6 comments
Labels
discuss

Comments

@legendecas
Copy link
Member

@legendecas legendecas commented Mar 30, 2022
edited

What is the problem this feature will solve?

ShadowRealm is a TC39 stage 3 proposal that introduces a new built-in to provide a distinct global environment, with its own global object containing its own intrinsics and built-ins. Its ability is similar to Node.js built-in vm.Context, however, ShadowRealm provides a stronger guarantee on object exchanges across realm boundaries.

As the ShadowRealm is a distinct global environment, Web integration is also under work (Like 1) to define which web APIs should be exposed in the ShadowRealm so that people can still utilize the Web APIs that still useful in the ShadowRealm. The line generally draw between the APIs that should be exposed in the ShadowRealm or not is generally if the APIs are side-effect-free to the host environment.

What is the feature you are proposing to solve the problem?

ShadowRealm is currently under active development in v8. The design doc of the Host API could be found at here. I'd believe in Node.js we may need to be able to re-evaluate the native modules in the ShadowRealm so that their object graph is not tangled with the main context, to not violate the principle of the design. /cc @nodejs/startup

I'd believe there are a bunch of modules that are useful and can stand in the line of side-effect-free, like EventEmitter, Stream, URL, etc. Also, the Web APIs that are available in Node.js like WebStream could also follow the Web specs to be exposed in the ShadowRealm. We may need to list all the possibilities that can be available in the ShadowRealm, and eventually make them available in the ShadowRealm.

/cc @nodejs/vm
@legendecas legendecas added the discuss label Mar 30, 2022
@linz2h

This comment was marked as off-topic.

Sign in to view
@benjamingr
Copy link
Member

@benjamingr benjamingr commented Apr 4, 2022

What sort of guarantees do we get in terms of isolation? Do we have a proven (as in formally) sandbox that is unescapable except with side-channels?

This enables some interesting use cases and I'm wondering if this means we can relax our "Do not use this for security" bits on vm (and build it on top of this)

@benjamingr benjamingr closed this Apr 4, 2022
@legendecas
Copy link
Member Author

@legendecas legendecas commented Apr 4, 2022
edited

What sort of guarantees do we get in terms of isolation? Do we have a proven (as in formally) sandbox that is unescapable except with side-channels?

The isolation guarantee of the ShadowRealm is about the isolation of the object graphs. This indicates that we will not accidentally exposes JavaScript vulnerable built-ins to the ShadowRealm, like what vm does:

let ctx = vm.createContext();
let fn = vm.runInContext('...', ctx);

fn({}) // <= the function created in the vm can get access to the OUTER `Object` and hijack its methods

However, since the code evaluated in the ShadowRealm is still sharing the heap with the code outside of the ShadowRealm. This means it is still vulnerable to Spectre, etc.

For Host APIs exposed in the ShadowRealm, technically, we are expecting them to be side-effects free -- and thus can not be utilized to initiate attacks on the host environment.

(@benjamingr I assume you closed the issue accidentally? I'm reopening this)

@legendecas legendecas reopened this Apr 4, 2022
@benjamingr
Copy link
Member

@benjamingr benjamingr commented Apr 4, 2022

(@benjamingr I assume you closed the issue accidentally? I'm reopening this)

Yes, sorry.

@benjamingr
Copy link
Member

@benjamingr benjamingr commented Apr 4, 2022

However, since the code evaluated in the ShadowRealm is still sharing the heap with the code outside of the ShadowRealm. This means it is still vulnerable to Spectre, etc.

Yeah I think side-channels in general are outside of scope of things like ShadowRealm - even if we run it in a worker (or in a container in a worker that's still not enough to mitigate side channel attacks).

IIRC @erights pointed out there is a way to avoid side-channels: we can choose not to expose APIs (like process.hrtime) that allow time measurement (this also includes stuff like Date.now(), performance.now(), some parts of http and a bunch of others).

@Jamesernator
Copy link

@Jamesernator Jamesernator commented Apr 15, 2022
edited

IIRC @erights pointed out there is a way to avoid side-channels: we can choose not to expose APIs (like process.hrtime) that allow time measurement (this also includes stuff like Date.now(), performance.now(), some parts of http and a bunch of others).

The SES proposal is designed to deal with all that sort've stuff, ShadowRealm by itself is not a sandbox (however it is usually a neccessary piece of one).

Note that the web is already planning on exposing all sorts of things like high resolution timers into ShadowRealms. It probably wouldn't be a good idea for Node to give the idea that ShadowRealm is itself a sandbox when it explictly won't be a sandbox in other environments.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
discuss
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@benjamingr @legendecas @Jamesernator @linz2h
X Tutup