[arbll]

It's fine for this project since google is probably not in the business of triggering exploits in yt-dlp users but please do not use deno sandboxing as a your main security measure to execute untrusted code. Runtime-level sandboxing is always very weak. Relying on OS-level sandboxing or VMs (firecracker & co) is the right way for this.

[baobabKoodaa]

> It's fine for this project since google is probably not in the business of triggering exploits in yt-dlp

yt-dlp supports a huge list of websites other than youtube

[ethmarks]

But YouTube is the only one that yt-dlp uses Deno for. No other website on yt-dlp's list has put up enough of a fight to merit an external JS runtime; only YouTube.

From the September announcement:

> The JavaScript runtime requirement will only apply to downloading from YouTube. yt-dlp can still be used without it on the other ~thousand sites it supports

[arbll]

I assumed they only use this setup for youtube, that might be wrong

[blackhaj7]

Is there a full list? I struggled to find one

[dcassett]

https://github.com/yt-dlp/yt-dlp/blob/2025.09.23/supportedsi...

[blackhaj7]

Thanks!

[NoahZuniga]

There's a supportedsites.md file in the base directory of the git repo.

[blackhaj7]

Thanks!

[pwdisswordfishy]

I would not put it past them. And I'm not sure I trust the yt-dlp team to implement sandboxing securely. The codebase is already full of shortcuts that lead to vulnerabilities like file extension injection.

I mean, this gives me pause:

> Both QuickJS and QuickJS-NG do not fully allow executing files from stdin, so yt-dlp will create temporary files for each EJS script execution. This can theoretically lead to time-of-check to time-of-use (TOCTOU) vulnerabilities.

https://github.com/yt-dlp/yt-dlp/wiki/EJS

TOCTOU from temporary files is a solved problem.

[jrochkind1]

i wonder if it would be legal if they did, as an anti-circumvention counter-measure.

[zahlman]

> Runtime-level sandboxing is always very weak. Relying on OS-level sandboxing or VMs (firecracker & co) is the right way for this.

... Isn't the web browser's sandboxing runtime-level?

[arbll]

It used to be 100% runtime-level and it was the golden age of browser exploits. Each of your tabs are now a separate process that the OS sandboxes. They can only access a specific API over IPC for anything that goes beyond js/rendering (cookie management, etc...). An exploit in V8 today only gives access to this API. A second exploit is needed in this API to escape the sandbox and do anything meaningful on the target system.

[ethmarks]

Yes, but browser sandboxing is an absolute marvel of software design that also cost millions and millions of dollars in developers salaries and CVE bounties to develop. Neither Deno nor yt-dlp have anywhere close to millions of dollars to spend on implementing secure JS sandboxing.

[franga2000]

Yes, and it's only reasonably secure because of years of exploits being found and fixed by some of the best (and very well-funded) software security engineers out there.

[arbll]

That's not true. It's secure because they are stacking OS-sandboxing on top, forcing attackers to find a chain of exploits instead of a single issue in V8

[NoahZuniga]

Great news! Deno uses the same runtime as chrome, so you benefit from all those found exploits.

[arbll]

While you benefit from the V8 fixes it lacks OS-level sandboxing (see above). Chrome is safe because it stacks security layers. Runtime sandboxing is just one of them and arguably the weakest one.