There is an npm worm vulnerability. One of the main problems is that random scripts are run with full user privilege.
This repo provides a proof that secure user-contributed scripts is possible. It's a POC and does not pretend that the used implementation is shippable as is. Additional work would be required for this idea to be integrated to the official npm CLI client.
The shell used as script-shell
is a docker run
call that is passed enough authority to work properly, but not enough to do anything seriously harmful.
A bunch of things to install before the POC work
- Install Docker
- Install Docker compose
git clone [email protected]:DavidBruant/containednpm.git
cd containednpm
# (optional but recommanded) builds the image a first time and make sure it runs properly
docker-compose -f contained-services.yml run contained_npm_script echo 'success'
npm config set script-shell "$PWD"/bin/contained-run-script-sh.js
## Step 1 : Arbitrary code execution with user privilege
npm config delete script-shell
cd project-alpha
cat package.json
npm install https://github.com/DavidBruant/harmless-worm --save
cat package.json
# Notice that package.json has been modified by a lifecycle script :-(
# reset to non infected state
cd ..
git checkout project-alpha
npm config set script-shell "$PWD"/bin/contained-run-script-sh.js
cd project-alpha
ls -l node_modules
# there are no modules
## Step 2 : Arbitrary code execution within some docker container
npm install is-thirteen --save
# Does the expected, works fine
npm install https://github.com/DavidBruant/harmless-worm --save
# the worm postinstall fails! \o/
ls -l node_modules
# the worm and is-thirteen are installed in the project-alpha/node_modules
cat package.json
# worm is in dependencies as expected, BUT the worm has NOT infected the file
The main reason the worm fails is that it does not have authority it should not have in the first place The worm can modify package.json anyway and wait for us to publish
Feel free to try to install rimrafall; it will delete all the files in the container... which you don't really care about (except the project-alpha
files).
There are plenty of either, but that's not the point. The point was to demonstrate that secure and useful user-contributed code is possible, not to promote this specific implementation.
Lots of inspirations for this work. But these may be the main ones
Talk about the other threat