You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Feb 17, 2024. It is now read-only.
During the early development of the project, we chose to automatically inherit the environment of the host in guest processes to simplify configuration and have a default that would serve well for fast iteration over the project development.
Now that the project matures, we may want to revisit those early design decisions.
Inheriting the environment may be a security risk, especially when executing processes to handle asynchronous tasks in scenarios where the code may come from a third party
There is a relationship between [STE-104] sandbox: file system isolation #152 and the notion of a working directory; guest languages such as Go use the PWD environment variable to determine the current working directory and emulate the functionality which typically belongs to the operating system; timecraft could automatically set this variable to the value of the current working directory (see cmd/wasirun: add --env-inherit flag from wazero wasi-go#78 for related context as well)
The text was updated successfully, but these errors were encountered:
For a nice balance of convenience and security, maybe the root process inherits the environment and disk access, but sub-processes that are spawned implicitly to handle tasks do not? The user can opt-out of the default root process access, and opt-in (via application code to spawn tasks) to passing environment variables and exposing parts of the file system?
During the early development of the project, we chose to automatically inherit the environment of the host in guest processes to simplify configuration and have a default that would serve well for fast iteration over the project development.
Now that the project matures, we may want to revisit those early design decisions.
Inheriting the environment may be a security risk, especially when executing processes to handle asynchronous tasks in scenarios where the code may come from a third party
There is a relationship between [STE-104] sandbox: file system isolation #152 and the notion of a working directory; guest languages such as Go use the
PWD
environment variable to determine the current working directory and emulate the functionality which typically belongs to the operating system; timecraft could automatically set this variable to the value of the current working directory (see cmd/wasirun: add --env-inherit flag from wazero wasi-go#78 for related context as well)The text was updated successfully, but these errors were encountered: