tighten "net" permissions of Deno sandbox

teleclimber / Dropserver

An application platform for your personal web services. https://dropserver.org

Apache License 2.0

42 stars 1 forks source link

tighten "net" permissions of Deno sandbox #53

Closed teleclimber closed 2 years ago

teleclimber commented 2 years ago

Currently sandbox runs with --allow-net, implying all requests are allowed. And listeners too!

To do this we would have to work on app packaging, because currently we just ship apps as TS/JS files, which import other potentially remote modules over the net.

Will have to coordinate --allow-net with potential use of --no-remote.

Also will probably have to allow net in ds-dev, so that it can function with unpackaged apps.

teleclimber commented 2 years ago

Fixed in 425d612002398dfd90a0ea71a524135b95358741