Nodejs/node
1
0
Fork 0
mirror of https://github.com/nodejs/node.git synced 2024-11-21 10:59:27 +00:00
Code Issues Actions 25 Packages Projects Releases Wiki Activity

doc: mention node:wasi in the Threat Model

Browse Source 
PR-URL: https://github.com/nodejs/node/pull/51211
Reviewed-By: Michael Dawson <midawson@redhat.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
This commit is contained in:
Rafael Gonzaga 2023-12-21 12:55:52 +00:00 committed by GitHub
parent ddb58bfd4e
commit a71210ba60
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
SECURITY.md
View File

@ -124,6 +124,8 @@ lead to a loss of confidentiality, integrity, or availability.
end being on the local machine or remote. end being on the local machine or remote.
6. The file system when requiring a module. 6. The file system when requiring a module.
See <https://nodejs.org/api/modules.html#all-together>. See <https://nodejs.org/api/modules.html#all-together>.
7. The `node:wasi` module does not currently provide the comprehensive file
system security properties provided by some WASI runtimes.
Any unexpected behavior from the data manipulation from Node.js Internal Any unexpected behavior from the data manipulation from Node.js Internal
functions may be considered a vulnerability if they are exploitable via functions may be considered a vulnerability if they are exploitable via