Skip to content

DavidBruant/containednpm

Repository files navigation

Containednpm

There is an npm worm vulnerability. One of the main problems is that random scripts are run with full user privilege.

This repo provides a proof that secure user-contributed scripts is possible. It's a POC and does not pretend that the used implementation is shippable as is. Additional work would be required for this idea to be integrated to the official npm CLI client.

How it works

The shell used as script-shell is a docker run call that is passed enough authority to work properly, but not enough to do anything seriously harmful.

Setup

A bunch of things to install before the POC work

git clone [email protected]:DavidBruant/containednpm.git
cd containednpm

# (optional but recommanded) builds the image a first time and make sure it runs properly
docker-compose -f contained-services.yml run contained_npm_script echo 'success'

npm config set script-shell "$PWD"/bin/contained-run-script-sh.js

Defense POC

⚠️ This only works on Linux for now. It's certainly possible to have it work on Windows and Mac, but that's for another day

## Step 1 : Arbitrary code execution with user privilege

npm config delete script-shell

cd project-alpha
cat package.json
npm install https://github.com/DavidBruant/harmless-worm --save
cat package.json
# Notice that package.json has been modified by a lifecycle script :-(

# reset to non infected state
cd .. 
git checkout project-alpha

npm config set script-shell "$PWD"/bin/contained-run-script-sh.js

cd project-alpha
ls -l node_modules
# there are no modules


## Step 2 : Arbitrary code execution within some docker container

npm install is-thirteen --save
# Does the expected, works fine
npm install https://github.com/DavidBruant/harmless-worm --save
# the worm postinstall fails! \o/

ls -l node_modules
# the worm and is-thirteen are installed in the project-alpha/node_modules
cat package.json
# worm is in dependencies as expected, BUT the worm has NOT infected the file

The main reason the worm fails is that it does not have authority it should not have in the first place The worm can modify package.json anyway and wait for us to publish

Feel free to try to install rimrafall; it will delete all the files in the container... which you don't really care about (except the project-alpha files).

Limitations and room for improvements

There are plenty of either, but that's not the point. The point was to demonstrate that secure and useful user-contributed code is possible, not to promote this specific implementation.

Inspirations and credit

Lots of inspirations for this work. But these may be the main ones

TODO

Talk about the other threat

About

Protecting against malicious lifecycle scripts

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published