urbit / shrub

An operating function (Prototype)
https://urbit.org
MIT License
29 stars 2 forks source link

Sky: Security Model #78

Closed tiller-tolbus closed 2 months ago

tiller-tolbus commented 5 months ago

How does Sky prevent nodes from falsifying their identity when making requests? What is our long-term strategy towards closing any loopholes in this?

Does Sky filter out all script tags and include enough built-in components for UI devs to get by? What is Sky's attitude towards using iframes for sandboxing?

Will Shrubbery eventually place all nodes at their own subdomains so that they can handle their own client-side authentication?

will-hanlen commented 4 months ago

the main goal of sky's security model is to ensure:

the main paths forward are:

option 1: sanitize everything

methods:

option 2: everything is an iframe

will-hanlen commented 4 months ago

~hanfel's idea for iframe security:

will-hanlen commented 4 months ago

discussion stub: iframe sandboxing as it relates to css and js injection

hanfel-dovned commented 2 months ago

Solved by #101.