This repository has been archived by the owner on Mar 24, 2022. It is now read-only.
Add a feature flag to allow excluding crypto dependencies in lucet-module-data #279
Comments
We'd be happy to accept a patch that adds a feature flag, where the flag is on by default. Testing with and without the feature flag will require some extensions to our CI setup, which is currently in flux for other reasons, so for the time being we'd want to be clear that the non-default configurations are not officially supported.
shravanrn added a commit to PLSysSec/lucet_sandbox_compiler that referenced this issue Sep 10, 2019
…ly excluded at compile time
ekilmer added a commit to ekilmer/lucet that referenced this issue Sep 13, 2019
shravanrn added a commit to PLSysSec/lucet_sandbox_compiler that referenced this issue Sep 17, 2019
…ly excluded at compile time
Actually, on speaking to Mozilla folk, it looks like we won't be needing this going forward. So closing this issue
Context
This is part of a series of bugs that I spoke to @tyler @pchickey about. We are currently using Lucet to sandbox libraries in C++ applications. The idea behind this is that using a wasm sandboxed version of the library allows ensuring that a memory safety issue in the library does not automatically result in a memory safety vulnerability in the full application. One of the consumers of this work is the Firefox web browser.
Problem
lucet-module-data provides the ability to check the signature of modules prior to loading. However, for the library sandboxing case, the libraries are packaged and sent together and thus have their own signing/certificate mechanisms. Thus dependencies like minisign, pbkdf2, subtle etc. are all unused.
In order to simplify the dependency story here, would it make sense to add a feature flag that allows us to exclude the signing functionality? This feature flag would enable inclusion of signing code by default, but would provide us the ability to remove the functionality (and dependencies).
Actions
Please let me know your thoughts on this. If this sounds good, please also let me know if this is a change that can happen internally or if it would be better if I work on a patch that can be accepted?
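An added sketch, not part of the original issue or of Lucet's own manifests, of how the requested default-on flag could be expressed in Cargo and how a consumer can confirm the crypto crates are really gone. The feature name `signature_checking`, the `"*"` version placeholders, and listing `pbkdf2` and `subtle` as direct optional dependencies are assumptions for illustration.

```toml
# --- lucet-module-data/Cargo.toml (sketch) ----------------------------------
# Assumptions: the feature name "signature_checking", the "*" version
# placeholders, and pbkdf2/subtle appearing as direct dependencies.

[features]
# On by default, so existing users keep module signature verification.
default = ["signature_checking"]
# Enabling the feature pulls in the optional crypto crates below.
signature_checking = ["minisign", "pbkdf2", "subtle"]

[dependencies]
minisign = { version = "*", optional = true }
pbkdf2   = { version = "*", optional = true }
subtle   = { version = "*", optional = true }

# In the crate's Rust sources, the signing module and every item that names
# these crates would sit behind:
#
#   #[cfg(feature = "signature_checking")]
#
# --- consumer Cargo.toml (library-sandboxing case), shown as comments -------
# The embedding application packages and signs the modules itself, so it
# opts out of the default feature:
#
#   [dependencies]
#   lucet-module-data = { version = "*", default-features = false }
#
# Caveat: Cargo unifies features across the dependency graph. If any other
# crate in the build depends on lucet-module-data with default features, the
# signing code and its dependencies are compiled in again for everyone.
#
# Check the resolved graph rather than the manifest:
#
#   cargo tree -i minisign
#       # expected to fail with "did not match any packages" once excluded
#   cargo tree -e features -i lucet-module-data
#       # shows which dependents enable which features of the crate
```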