development/deno
development/deno
1
0
Fork 0
mirror of https://github.com/denoland/deno synced 2024-08-27 03:50:16 +00:00
Code Issues Packages Projects Releases Wiki Activity
deno/cli
History
Matt Mastracci 00970daea2
fix(cli): harden permission stdio check (#21778) 
Harden the code that does permission checks to protect against
re-opening of stdin.

Code that runs FFI is vulnerable to an attack where fd 0 is closed
during a permission check and re-opened with a file that contains a
positive response (ie: `y` or `A`). While FFI code is dangerous in
general, we can make it more difficult for FFI-enabled code to bypass
additional permission checks.

- Checks to see if the underlying file for stdin has changed from the
start to the end of the permission check (detects races)
- Checks to see if the message is excessively long (lowering the window
for races)
- Checks to see if stdin and stderr are still terminals at the end of
the function (making races more difficult)
2024-01-04 00:31:39 +01:00
..
args chore: update to Rust 1.75 (#21731) 2024-01-01 23:22:48 +01:00
bench chore: update copyright to 2024 (#21753) 2024-01-01 19:58:21 +00:00
cache chore: update to Rust 1.75 (#21731) 2024-01-01 23:22:48 +01:00
js chore: update copyright to 2024 (#21753) 2024-01-01 19:58:21 +00:00
lsp fix(lsp): support test code lens for Deno.test.{ignore,only}() (#21775) 2024-01-03 16:34:21 +00:00
napi chore: update copyright to 2024 (#21753) 2024-01-01 19:58:21 +00:00
npm chore: update copyright to 2024 (#21753) 2024-01-01 19:58:21 +00:00
ops chore: update copyright to 2024 (#21753) 2024-01-01 19:58:21 +00:00
schemas feat: precompile JSX (#20962) 2023-11-01 20:30:23 +00:00
standalone chore: upgrade deno_core to 0.241.0 (#21765) 2024-01-03 01:34:41 +00:00
tests fix(cli): harden permission stdio check (#21778) 2024-01-04 00:31:39 +01:00
tools fix(jupyter): error message when install fails due to jupyter command not being on PATH (#21767) 2024-01-03 14:45:10 +00:00
tsc chore: update to Rust 1.75 (#21731) 2024-01-01 23:22:48 +01:00
util chore: update copyright to 2024 (#21753) 2024-01-01 19:58:21 +00:00
auth_tokens.rs chore: update copyright to 2024 (#21753) 2024-01-01 19:58:21 +00:00
build.rs chore: update copyright to 2024 (#21753) 2024-01-01 19:58:21 +00:00
Cargo.toml Revert "fix(runtime): Make native modal keyboard interaction consistent with browsers" (#21739) 2024-01-02 09:36:05 +05:30
cdp.rs chore: update copyright to 2024 (#21753) 2024-01-01 19:58:21 +00:00
deno.ico fix(cli): add icon and metadata to deno.exe on Windows (#6693) 2020-07-15 21:54:38 +02:00
deno_std.rs chore: update copyright to 2024 (#21753) 2024-01-01 19:58:21 +00:00
emit.rs chore: update copyright to 2024 (#21753) 2024-01-01 19:58:21 +00:00
entitlements.plist chore: start codesigning mac release builds (#21303) 2023-11-23 15:30:26 -07:00
errors.rs chore: update copyright to 2024 (#21753) 2024-01-01 19:58:21 +00:00
factory.rs chore: update copyright to 2024 (#21753) 2024-01-01 19:58:21 +00:00
file_fetcher.rs chore: update copyright to 2024 (#21753) 2024-01-01 19:58:21 +00:00
graph_util.rs chore: update copyright to 2024 (#21753) 2024-01-01 19:58:21 +00:00
http_util.rs chore: update copyright to 2024 (#21753) 2024-01-01 19:58:21 +00:00
js.rs chore: update copyright to 2024 (#21753) 2024-01-01 19:58:21 +00:00
main.rs chore: update copyright to 2024 (#21753) 2024-01-01 19:58:21 +00:00
module_loader.rs chore: upgrade deno_core to 0.241.0 (#21765) 2024-01-03 01:34:41 +00:00
node.rs chore: update copyright to 2024 (#21753) 2024-01-01 19:58:21 +00:00
README.md docs(cli): do not need gen doc for cli (#17260) 2023-01-04 13:19:58 +01:00
resolver.rs chore: update copyright to 2024 (#21753) 2024-01-01 19:58:21 +00:00
version.rs chore: update copyright to 2024 (#21753) 2024-01-01 19:58:21 +00:00
worker.rs chore: update copyright to 2024 (#21753) 2024-01-01 19:58:21 +00:00

README.md

Deno CLI Crate

crates

This provides the actual deno executable and the user-facing APIs.

The deno crate uses the deno_core to provide the executable.