Open turbolent opened 2 years ago
After Stable Cadence, once entitlements are released, this won't be unsafe in principle; having a Capability in a public field is not a problem as long as it has the proper entitlements. I think we should change this on the Stable Cadence side to only warn about auth
Capabilities in public fields.
Feature Request
Capabilities should not be accessible by unauthorized parties. For example, capabilities should not be accessible through a public field, including public dictionaries or arrays. Exposing a capability in such a way allows anyone to borrow it and perform all actions that the capability allows.
Detect and report public fields with a capability type; directly, or indirectly (e.g. array/dictionary of capabilities)