1
0
Fork 0
mirror of https://github.com/denoland/deno.git synced 2024-12-01 16:51:13 -05:00
denoland-deno/cli
Matt Mastracci 5d7ebea99f
fix(cli): harden permission stdio check (#21778)
Harden the code that does permission checks to protect against
re-opening of stdin.

Code that runs FFI is vulnerable to an attack where fd 0 is closed
during a permission check and re-opened with a file that contains a
positive response (ie: `y` or `A`). While FFI code is dangerous in
general, we can make it more difficult for FFI-enabled code to bypass
additional permission checks.

- Checks to see if the underlying file for stdin has changed from the
start to the end of the permission check (detects races)
- Checks to see if the message is excessively long (lowering the window
for races)
- Checks to see if stdin and stderr are still terminals at the end of
the function (making races more difficult)
2024-01-04 20:34:54 +01:00
..
args chore: update to Rust 1.75 (#21731) 2024-01-04 20:34:52 +01:00
bench chore: update copyright to 2024 (#21753) 2024-01-04 20:34:51 +01:00
cache chore: update to Rust 1.75 (#21731) 2024-01-04 20:34:52 +01:00
js chore: update copyright to 2024 (#21753) 2024-01-04 20:34:51 +01:00
lsp fix(lsp): support test code lens for Deno.test.{ignore,only}() (#21775) 2024-01-04 20:34:54 +01:00
napi chore: update copyright to 2024 (#21753) 2024-01-04 20:34:51 +01:00
npm chore: update copyright to 2024 (#21753) 2024-01-04 20:34:51 +01:00
ops chore: update copyright to 2024 (#21753) 2024-01-04 20:34:51 +01:00
schemas feat: precompile JSX (#20962) 2023-11-01 20:30:23 +00:00
standalone chore: upgrade deno_core to 0.241.0 (#21765) 2024-01-04 20:34:53 +01:00
tests fix(cli): harden permission stdio check (#21778) 2024-01-04 20:34:54 +01:00
tools fix(jupyter): error message when install fails due to jupyter command not being on PATH (#21767) 2024-01-04 20:34:54 +01:00
tsc chore: update to Rust 1.75 (#21731) 2024-01-04 20:34:52 +01:00
util chore: update copyright to 2024 (#21753) 2024-01-04 20:34:51 +01:00
auth_tokens.rs chore: update copyright to 2024 (#21753) 2024-01-04 20:34:51 +01:00
build.rs chore: update copyright to 2024 (#21753) 2024-01-04 20:34:51 +01:00
Cargo.toml Revert "fix(runtime): Make native modal keyboard interaction consistent with browsers" (#21739) 2024-01-04 20:34:52 +01:00
cdp.rs chore: update copyright to 2024 (#21753) 2024-01-04 20:34:51 +01:00
deno.ico
deno_std.rs chore: update copyright to 2024 (#21753) 2024-01-04 20:34:51 +01:00
emit.rs chore: update copyright to 2024 (#21753) 2024-01-04 20:34:51 +01:00
entitlements.plist chore: start codesigning mac release builds (#21303) 2023-11-23 15:30:26 -07:00
errors.rs chore: update copyright to 2024 (#21753) 2024-01-04 20:34:51 +01:00
factory.rs chore: update copyright to 2024 (#21753) 2024-01-04 20:34:51 +01:00
file_fetcher.rs chore: update copyright to 2024 (#21753) 2024-01-04 20:34:51 +01:00
graph_util.rs chore: update copyright to 2024 (#21753) 2024-01-04 20:34:51 +01:00
http_util.rs chore: update copyright to 2024 (#21753) 2024-01-04 20:34:51 +01:00
js.rs chore: update copyright to 2024 (#21753) 2024-01-04 20:34:51 +01:00
main.rs chore: update copyright to 2024 (#21753) 2024-01-04 20:34:51 +01:00
module_loader.rs chore: upgrade deno_core to 0.241.0 (#21765) 2024-01-04 20:34:53 +01:00
node.rs chore: update copyright to 2024 (#21753) 2024-01-04 20:34:51 +01:00
README.md docs(cli): do not need gen doc for cli (#17260) 2023-01-04 13:19:58 +01:00
resolver.rs chore: update copyright to 2024 (#21753) 2024-01-04 20:34:51 +01:00
version.rs chore: update copyright to 2024 (#21753) 2024-01-04 20:34:51 +01:00
worker.rs chore: update copyright to 2024 (#21753) 2024-01-04 20:34:51 +01:00

Deno CLI Crate

crates

This provides the actual deno executable and the user-facing APIs.

The deno crate uses the deno_core to provide the executable.