Hacker News new | ask | show | jobs
by angelmm 1237 days ago
You get an extra layer of isolation, even at your development environment level.

I remember a NodeJs CVE that was caused by a poisoned dependency. It was affecting people when downloading it from npm.

There’s still a gap here to cover, but the benefits may be worth :)
1 comments
ElectricalUnion 1237 days ago
I don't see how this would in any way prevent you from being affected by a equivalent poisoned pypi dependency; after all your secrets/credentials are inside the sandbox anyways or your code can't work.
link
angelmm 1237 days ago
With Wasm + WASI, you need to explicitly mount files and environment variables. Inside the Wasm VM, the Python interpreter, source code and dependencies only have access to a very reduced surface. Although you're right that if you mount credentials inside, they will be accessible too.

The incident I was talking about was the event-stream[1] vulnerability. The attacker introduced code that looked for the data of a crypto wallet. This data was stored in the user's home.

By default, interpreters may get access to the same resources that the user running the process. In Wasm, the resources are granted manually.

[1] https://blog.npmjs.org/post/180565383195/details-about-the-e...

link
still_grokking 1237 days ago
> By default, interpreters may get access to the same resources that the user running the process. In Wasm, the resources are granted manually.

What's the difference to run the code under a different user (like for example `nobody` for "full sandboxing", or a "clone of nobody" with some additional access rights)?

link
simonw 1237 days ago
Running code under a different user is hard. I don't know how I would do that on macOS, and the times I've done it on Linux I've always had to jump through a bunch of hoops.
link
still_grokking 1237 days ago
MacOS aside, as this is not a serous operating system for this kind of workloads, do you think the "hoops" (which actually?) one needs to "jump through" are so problematic that it makes sense to create millions of lines of new code just to work around them? Only to arrive at the same result that is already working since something around 50 years? This must be really grave issues with just running a task as a different user… Could you expand on that?
link
simonw 1237 days ago
I want to write software that end users can install on their own machines, that supports plugins so they can execute additional code from untrusted sources.

So macOS needs to work.

Microsoft Flight Simulator uses WebAssembly for its extensions system. I want to do the same thing for my own projects.

link