The Fresh homepage, and possibly the docs too, show a short and easy-to-run command to set up Fresh: deno run -Ar jsr:@fresh/init.
This command uses -A (--allow-all) and -r (--reload), making it download code from the internet and execute it with full user permissions.
Deno also provides a --allow-all flag that grants all permissions to the script. This disables the security sandbox entirely, and should be used with caution. The --allow-all has the same security properties as running a script in Node.js (ie none).
https://docs.deno.com/runtime/fundamentals/security/
This widens the blast radius of a supply-chain attack: with --allow-all, any transitive dependency of @fresh/init executes with full system permissions instead of being sandboxed.
The same effect can be achieved with
deno run --allow-net=jsr.io,usefresh.dev,fresh.deno.dev --allow-run=deno -RWr jsr:@fresh/init
The biggest concern I have with the above command is --allow-run=deno, which still allows the package to run a deno command with any flags it wants. It is currently used for deno install; maybe the user could do that themselves?
You probably don't ever want to use --allow-run=deno unless the parent process has --allow-all, as being able to spawn a deno process means the script can spawn another deno process with full permissions.
https://docs.deno.com/runtime/fundamentals/security/#subprocesses
The -RW flags allow unscoped reading and writing of the filesystem. Possibly too permissive as well, but added for convenience, since the alternative is requiring the destination folder to be specified in the command.
Limiting the network locations Deno can access is a good first step and shrinks the attack surface greatly.
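To make the difference between the two commands above (and the --allow-run=deno point) checkable in CI, here is an added example: a small POSIX-sh audit helper that is not code from this issue, from Fresh or from Deno. It classifies the permission flags on a `deno run` command line, treats --allow-run=deno as equivalent to --allow-all (because the script can spawn `deno run -A` itself), and scans a docs file so an install one-liner like `deno run -Ar jsr:@fresh/init` is rejected before it ships. The function names, the severity labels and the sample lines are this example's own; it also goes slightly beyond the text by flagging unscoped -N/--allow-net, and it ignores --allow-env, --allow-sys and --allow-ffi.

```sh
#!/bin/sh
# Added example, not code from this issue, from Fresh or from Deno: a POSIX-sh
# helper that classifies the permission flags on a `deno run` command line so a
# docs/CI check can reject one-liners like `deno run -Ar jsr:@fresh/init`.
# Function names and severity labels are this example's own conventions.
# Modelled: -A/--allow-all, --allow-run, -R/-W/-N and their long forms.
# Ignored: --allow-env, --allow-sys, --allow-ffi.

# deno_perm_findings "<command line>"
# Prints one "<SEVERITY> <flag>: <why>" line per flagged permission; prints
# nothing when every permission is scoped or absent.
deno_perm_findings() {
    for tok in $1; do            # tokens are assumed to contain no glob characters
        case "$tok" in
            --allow-all)
                echo "CRITICAL allow-all: sandbox disabled entirely" ;;
            --allow-run=deno|--allow-run=deno,*|--allow-run=*,deno|--allow-run=*,deno,*)
                # Being allowed to spawn deno lets the script run 'deno run -A ...'
                # itself, so this is as good as --allow-all (see the Deno docs above).
                echo "CRITICAL allow-run=deno: script can spawn a fully-permitted deno process" ;;
            --allow-run)
                echo "HIGH allow-run: any subprocess may be spawned" ;;
            --allow-run=*)
                ;;   # scoped to other binaries: not flagged by this check
            --allow-read|--allow-write)
                echo "MEDIUM ${tok#--}: unscoped filesystem access" ;;
            --allow-net)
                echo "MEDIUM allow-net: unscoped network access" ;;
            --*)
                ;;   # scoped permissions (--allow-x=...) and non-permission options (--reload)
            -[A-Za-z]*)
                # Combined short flags such as -Ar or -RWr. Deno's short permission
                # flags are uppercase; lowercase ones like -r (--reload) are ignored.
                short=${tok#-}
                case "$short" in *A*) echo "CRITICAL allow-all: sandbox disabled entirely" ;; esac
                case "$short" in *R*) echo "MEDIUM allow-read: unscoped filesystem access" ;; esac
                case "$short" in *W*) echo "MEDIUM allow-write: unscoped filesystem access" ;; esac
                case "$short" in *N*) echo "MEDIUM allow-net: unscoped network access" ;; esac
                ;;
        esac
    done
}

# deno_perm_severity "<command line>"
# Prints the highest severity present: CRITICAL, HIGH, MEDIUM or OK.
deno_perm_severity() {
    out=$(deno_perm_findings "$1")
    case "$out" in
        *CRITICAL*) echo CRITICAL ;;
        *HIGH*)     echo HIGH ;;
        *MEDIUM*)   echo MEDIUM ;;
        *)          echo OK ;;
    esac
}

# deno_audit_file <path>
# Reports every `deno run` line in a text file that is not OK and returns 1 if
# any CRITICAL or HIGH finding exists, so it can gate a docs build.
deno_audit_file() {
    rc=0
    while IFS= read -r line || [ -n "$line" ]; do
        case "$line" in *"deno run"*) ;; *) continue ;; esac
        rest=${line#*deno run}
        sev=$(deno_perm_severity "deno run $rest")
        [ "$sev" = OK ] && continue
        echo "$sev: $line"
        case "$sev" in CRITICAL|HIGH) rc=1 ;; esac
    done < "$1"
    return $rc
}

# Constructed sample page (not the real Fresh docs): the -A one-liner, the scoped
# variant with --allow-run=deno, and a hypothetical variant that scopes reads and
# writes to the project directory and leaves 'deno install' to the user.
SAMPLE=$(mktemp)
cat > "$SAMPLE" <<'EOF'
Quick start:  deno run -Ar jsr:@fresh/init
Scoped:       deno run --allow-net=jsr.io,usefresh.dev,fresh.deno.dev --allow-run=deno -RWr jsr:@fresh/init
Hypothetical: deno run --allow-net=jsr.io --allow-read=./my-app --allow-write=./my-app -r jsr:@fresh/init
EOF
deno_audit_file "$SAMPLE" || echo "audit failed: fix the flagged commands before publishing"
rm -f "$SAMPLE"
```

Run over the sample, the first two lines are reported as CRITICAL (the -A one-liner directly, the scoped one because of --allow-run=deno) and the helper exits non-zero; the hypothetical third line passes because every permission is scoped. Whether that third command is actually sufficient for @fresh/init is an assumption to verify against the package, not something this check decides.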