Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: prevent node mode to be used as script runner by other apps #40579

Merged
merged 1 commit into from Dec 6, 2023
Merged

fix: prevent node mode to be used as script runner by other apps #40579

merged 1 commit into from Dec 6, 2023

Conversation

zcbenz
Copy link
Member

@zcbenz zcbenz commented Nov 22, 2023

Description of Change

See the code comment for the purpose of this change:

// On macOS, it is forbidden to run sandboxed app with custom arguments
// from another app, i.e. args are discarded in following call:
//   exec("Sandboxed.app", ["--custom-args-will-be-discarded"])
// However it is possible to bypass the restriction by abusing the node mode
// of Electron apps:
//   exec("Electron.app", {env: {ELECTRON_RUN_AS_NODE: "1",
//                               NODE_OPTIONS: "--require 'bad.js'"}})
// To prevent Electron apps from being used to work around macOS security
// restrictions, when NODE_OPTIONS is passed it will be checked whether
// this process is invoked by its own app.

Note that this change is only needed on macOS, because on other platforms there is no restriction on invoking another app with custom arguments. In other words, this change is merely to satisfy the security requirements in Apple's ecosystem.

Checklist

Release Notes

Notes: Prevent node mode to be used as script runner by other apps on macOS.

@zcbenz zcbenz added semver/patch backwards-compatible bug fixes target/26-x-y PR should also be added to the "26-x-y" branch. target/27-x-y PR should also be added to the "27-x-y" branch. target/28-x-y PR should also be added to the "28-x-y" branch. labels Nov 22, 2023
@electron-cation electron-cation bot added the new-pr 🌱 PR opened in the last 24 hours label Nov 22, 2023
@zcbenz
Copy link
Member Author

zcbenz commented Nov 22, 2023

/cc @deepak1556 @bpasero this change will get rid of the patch used by VS Code, please check if there will be any unwanted behavior.

MarshallOfSound
MarshallOfSound requested changes Nov 22, 2023
View reviewed changes
shell/app/node_main.cc Outdated Show resolved Hide resolved
@electron-cation electron-cation bot removed the new-pr 🌱 PR opened in the last 24 hours label Nov 23, 2023
@zcbenz zcbenz force-pushed the no-node-options-in-node-process branch 2 times, most recently from 4b35cf5 to ca110a0 Compare November 27, 2023 00:26
deepak1556
deepak1556 approved these changes Nov 27, 2023
View reviewed changes
Copy link
Member

@deepak1556 deepak1556 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💯 for the tests!

MarshallOfSound
MarshallOfSound reviewed Dec 4, 2023
View reviewed changes
shell/app/node_main.cc Outdated Show resolved Hide resolved
shell/app/node_main.cc Outdated Show resolved Hide resolved
shell/app/node_main.cc Show resolved Hide resolved
@zcbenz zcbenz force-pushed the no-node-options-in-node-process branch from ca110a0 to 8da3bab Compare December 5, 2023 02:07
@deepak1556 deepak1556 merged commit cb0da6f into main Dec 6, 2023
17 checks passed
@deepak1556 deepak1556 deleted the no-node-options-in-node-process branch December 6, 2023 02:23
@release-clerk Release Clerk
Copy link

release-clerk bot commented Dec 6, 2023

Release Notes Persisted

Prevent node mode to be used as script runner by other apps on macOS.

@trop
Copy link
Contributor

trop bot commented Dec 6, 2023

I was unable to backport this PR to "26-x-y" cleanly;
you will need to perform this backport manually.

@trop
Copy link
Contributor

trop bot commented Dec 6, 2023

I was unable to backport this PR to "27-x-y" cleanly;
you will need to perform this backport manually.

@trop trop bot added needs-manual-bp/26-x-y needs-manual-bp/27-x-y and removed target/26-x-y PR should also be added to the "26-x-y" branch. target/27-x-y PR should also be added to the "27-x-y" branch. labels Dec 6, 2023
@trop trop bot mentioned this pull request Dec 6, 2023
Merged
@trop
Copy link
Contributor

trop bot commented Dec 6, 2023

I have automatically backported this PR to "28-x-y", please check out #40710

@trop trop bot added in-flight/28-x-y and removed target/28-x-y PR should also be added to the "28-x-y" branch. labels Dec 6, 2023
@zcbenz zcbenz mentioned this pull request Dec 11, 2023
Merged
@trop
Copy link
Contributor

trop bot commented Dec 11, 2023

@zcbenz has manually backported this PR to "27-x-y", please check out #40737

@zcbenz zcbenz mentioned this pull request Dec 11, 2023
Merged
@trop
Copy link
Contributor

trop bot commented Dec 11, 2023

@zcbenz has manually backported this PR to "26-x-y", please check out #40738

@trop trop bot added in-flight/26-x-y merged/28-x-y PR was merged to the "28-x-y" branch. and removed needs-manual-bp/26-x-y in-flight/28-x-y labels Dec 11, 2023
MrHuangJser pushed a commit to MrHuangJser/electron that referenced this pull request Dec 11, 2023
@zcbenz
fix: prevent node mode to be used as script runner by other apps (ele…
a144261 
…ctron#40579)
@trop trop bot added merged/27-x-y PR was merged to the "27-x-y" branch. and removed in-flight/27-x-y labels Dec 11, 2023
@deepak1556 deepak1556 mentioned this pull request Dec 12, 2023
Closed
@trop trop bot added merged/26-x-y PR was merged to the "26-x-y" branch. and removed in-flight/26-x-y labels Dec 13, 2023
This was referenced Dec 15, 2023
Closed
Merged
@deepak1556 deepak1556 mentioned this pull request Jan 31, 2024
Open
5 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@deepak1556 deepak1556 deepak1556 approved these changes

@MarshallOfSound MarshallOfSound MarshallOfSound approved these changes

@miniak miniak Awaiting requested review from miniak

Assignees
No one assigned
Labels
merged/26-x-y PR was merged to the "26-x-y" branch. merged/27-x-y PR was merged to the "27-x-y" branch. merged/28-x-y PR was merged to the "28-x-y" branch. semver/patch backwards-compatible bug fixes
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@zcbenz @deepak1556 @MarshallOfSound