search

SchoofsKelvin / vscode-sshfs

Extension for Visual Studio Code: File system provider using SSH
GNU General Public License v3.0
543 stars 36 forks source link

Support Workspace Trust #259

Closed SchoofsKelvin closed 3 years ago

SchoofsKelvin commented 3 years ago

Information: microsoft/vscode#120251

For this extension, limited mode should be fine. We should probably block sshfs.configs and sshfs.configpaths from being read from untrusted workspaces, using the restrictedConfigurations field mentioned in the issue above.

Should double-check the extension for places where workspace trust might be an issue, but as far as I know, the only workspace "resources" the extension uses are the aforementioned settings. One edge case might be where the User Settings' sshfs.configpaths might have relative paths, which might thus reference the workspace folder. Actually unsure whether relative paths would be relative to the workspace folder, to wherever VS Code got opened or to the installation directory of VS Code.

SchoofsKelvin commented 3 years ago

Support added in cca8be2.

Went with full support. Originally planned on going with limited support, which would disable config scanning for workspace folders, but that feature has already been disabled due to complexities in the past.