Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

A Proper Implementation of Safe Mode #361

Open
4 tasks
CheatCod opened this issue Dec 19, 2023 · 0 comments · May be fixed by #367
Open
4 tasks

A Proper Implementation of Safe Mode #361

CheatCod opened this issue Dec 19, 2023 · 0 comments · May be fixed by #367
Assignees
@seliayeu @CheatCod
Labels
core issue relating to the backend (core) enhancement New feature or request

Comments

@CheatCod
Copy link
Member

Description

Need a proper implementation and documentation for Safe Mode. Safe Mode should aim to reduce or eliminate the possibility of remote code execution by a non-owner user.

When Safe Mode is enabled, it

  • Disables granting, and removes all "unsafe" permissions such as global fs read, instance fs write from users

  • Disable non-owner users from performing "unsafe actions"

  • Implementation in the backend

  • Implementation in the frontend

    • Should pop up with warnings when the owner tries to disable safe mode

  • Write documentation explaining what Safe Mode is
@CheatCod CheatCod added enhancement New feature or request core issue relating to the backend (core) labels Dec 24, 2023
@seliayeu seliayeu linked a pull request Feb 25, 2024 that will close this issue
Update Safe mode to disable global FS reads and writes #367
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@seliayeu seliayeu

@CheatCod CheatCod

Labels
core issue relating to the backend (core) enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Update Safe mode to disable global FS reads and writes Lodestone-Team/lodestone
2 participants
@seliayeu @CheatCod