Techly NewsGet the app

Get the latest tech news

Proof of Concept showcasing WASM program access files outside node:wasi's dir


Proof of concept showcasing how a WASM program can access files outside node:wasi's preopens dir. - humodz/node-wasi-preopens-escape

The WASI class has a preopens parameter that describes what files the WASM program has access to. Importantly, the sandboxing is designed to be implementable even in the presence of outside processes accessing the same filesystem, including renaming, unlinking, and creating new files and directories. Do not rely on node:wasi to run malicious code, as it can access files outside the preopens directory.

Get the Android app

Or read this on Hacker News

Read more on:

Photo of Proof

Proof

Photo of concept

concept

Photo of node

node

Related news:

News photo

UMD Direct Submission "Proof Of Concept" For The Intel Xe Linux Driver

News photo

Mitel MiCollab zero-day flaw gets proof-of-concept exploit

News photo

Skia Canvas: Browserless implementation of the HTML Canvas drawing API for node

« Cheat codes for LLM performance: An introduction to speculative decoding
Researchers have developed a new device which will enable small drones to shoot powerful lasers – something once thought impossible »