permission: add initial environment permission
Add initial environment permission support. This restricts permission to access environment variables through process.env by using the --allow-env flag.
Usages

Proposed basic usages are as follows:

- --allow-env: All environment variables are allowed.
- --allow-env=HOST: HOST is allowed.
- --allow-env=HOST,PORT: HOST and PORT are allowed.
- --allow-env=DB_*: Env vars starting with DB_ are allowed.
- --allow-env=DB_*,-DB_PASSWORD: All env vars starting with DB_ except DB_PASSWORD are allowed.
- --allow-env=*,-DB_PASSWORD: All env vars except DB_PASSWORD are allowed.
process[env_private_symbol]

This is based on the idea of using a new privileged API for builtins to access the environment variables instead of process.env. It preserves the current behaviors of process.env on child processes and worker threads by leveraging the existing native traps. This approach required manual changes to all internal uses of process.env.
WIP:

- Removing code parsing patterns related to wildcard and -.
- Adding flags to enable full access to envvars.
- Updating TCs.
- Updating documents.
- Seeking possible ways to safely enumerate/clone the env object.
Refs: https://github.com/nodejs/security-wg/issues/993
Signed-off-by: Daeyeon Jeong daeyeon.dev@gmail.com
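As an added illustration, not code from this PR or from Node.js core, the following JavaScript implements the proposed --allow-env matching rules listed under Usages (comma-separated allow patterns, a trailing * wildcard, and a leading - for exclusions) and builds a Proxy-based guarded view of an env object in the spirit of the process[env_private_symbol] idea. The function names parseAllowEnv, matchesPattern, isEnvAllowed and createGuardedEnv, the "deny beats allow" ordering, and the sample env object are assumptions of this example; Node's real flag parser and native env traps are not involved.

```javascript
// Added example (not from the nodejs PR): reference matcher for the proposed
// --allow-env syntax plus a guarded env view that only exposes allowed names.

// Parse a spec such as "DB_*,-DB_PASSWORD" into allow and deny pattern lists.
// A bare --allow-env (no value) is modelled as spec === undefined and allows all.
function parseAllowEnv(spec) {
  const allow = [];
  const deny = [];
  if (spec === undefined || spec === true || spec === '') {
    return { allow: ['*'], deny };
  }
  for (const raw of String(spec).split(',')) {
    const item = raw.trim();
    if (item === '') continue;
    if (item.startsWith('-')) deny.push(item.slice(1));
    else allow.push(item);
  }
  return { allow, deny };
}

// '*' matches any run of characters; everything else is literal. The pattern
// is anchored, so "HOST" does not match "HOSTNAME".
function matchesPattern(name, pattern) {
  const parts = pattern
    .split('*')
    .map((s) => s.replace(/[.*+?^${}()|[\]\\]/g, '\\$&'));
  return new RegExp('^' + parts.join('.*') + '$').test(name);
}

// Assumption of this example: an explicit deny always wins over an allow.
function isEnvAllowed(name, policy) {
  if (policy.deny.some((p) => matchesPattern(name, p))) return false;
  return policy.allow.some((p) => matchesPattern(name, p));
}

// Proxy view of an env object that enforces the policy. Disallowed names are
// reported as absent (undefined, not enumerated, not in 'in') rather than
// throwing, so `process.env.X ?? fallback` style code keeps working, and
// writes to disallowed names are rejected (TypeError in strict-mode callers).
function createGuardedEnv(env, policy) {
  const allowed = (key) => typeof key === 'string' && isEnvAllowed(key, policy);
  return new Proxy(env, {
    get(target, key) {
      return allowed(key) ? target[key] : undefined;
    },
    has(target, key) {
      return allowed(key) && key in target;
    },
    ownKeys(target) {
      return Reflect.ownKeys(target).filter(allowed);
    },
    getOwnPropertyDescriptor(target, key) {
      return allowed(key) ? Reflect.getOwnPropertyDescriptor(target, key) : undefined;
    },
    set(target, key, value) {
      if (!allowed(key)) return false;
      target[key] = String(value); // process.env coerces values to strings
      return true;
    },
    deleteProperty(target, key) {
      if (!allowed(key)) return false;
      return Reflect.deleteProperty(target, key);
    },
  });
}

// Constructed sample environment (not a real process.env).
const sampleEnv = {
  DB_HOST: 'localhost',
  DB_PORT: '5432',
  DB_PASSWORD: 'hunter2',
  HOME: '/home/app',
};

const policy = parseAllowEnv('DB_*,-DB_PASSWORD');
const guarded = createGuardedEnv(sampleEnv, policy);
console.log(Object.keys(guarded)); // ['DB_HOST', 'DB_PORT']
console.log(guarded.DB_PASSWORD); // undefined
```

The ownKeys and getOwnPropertyDescriptor traps are what make enumeration and cloning (Object.keys, the spread operator, Object.assign) respect the policy, which is the open point in the WIP list above; they are legal here because the sample object's properties are configurable, whereas Node's real process.env is backed by native interceptors and would need the same filtering applied in the C++ layer.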