Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Native client security and speed concerns #25

Open
Self-Perfection opened this issue Feb 21, 2019 · 1 comment
Open

Native client security and speed concerns #25

Self-Perfection opened this issue Feb 21, 2019 · 1 comment

Comments

@Self-Perfection
Copy link

Self-Perfection commented Feb 21, 2019
edited

Security

While installing native client I wanted to check what my computer is going to run. At first it seemed easy task - just review three short js scripts, but it tuned out that this native client basically runs any script received from addon. Wow. So now I have to review whole extension code as well to feel safe.

Basically any eval in code is a security breach. Even if current version of addon is safe, future updates might become malicious. @belaviyo, what if someone will get access to your account and push addon update which runs malicious code? Running code from addon in vm practically defies the purpose of WebExtensions restrictions.

For now I just disabled updates of Send to VLC addon but still.

Speed

On laptop on which I use this addon, one native client run takes 1.0 s of CPU. That is 1s of delay before player starts and is twice as much of CPU time required by VLC to start. I admit this laptop is rather slow, but that's the whole point of using Send to VLC addon! Youtube in browser just hiccups and show still image in video and VLC show the same video perfectly. nodejs gives huge overhead.

As I see it the proper way to run VLC from browser should use script with lightweight interpreter. Python seems a good enough choice, it is 10-20 times faster to start then nodejs and it is already installed much more often then nodejs, at least python should be present on all mac and linux systems. And it should implement really simple protocol, which just gets list of URLs (native client itself should check, that all received strings looks like links).

I am willing to help with native client script, if you find this concerns serious.
@belaviyo
Copy link
Owner

The whole idea of writing the native client in NodeJS is to have a code that the user can simply review. Python is another option, but to me having both client and native part in a single language is more readable. If speed is your concern, you can write the native client in C++ with just a few lines of code, but then you will need to compile it and it would be really hard for a reviewer to make sure the code is safe.

future updates might become malicious.

This concern stands for all add-ons. Fortunately, at least in Mozilla, add-ons get reviewed. Anyhow, I am open to the ideas that help protecting user's security.

For now, this extension does this by:

  1. Using the official NodeJS executable
  2. All coding part is in the extension side
  3. Native part only allows access to the modules that the client already requested permission for.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@belaviyo @Self-Perfection