author: Bradley Farias <bradley.meck@gmail.com> 2019-06-05 13:33:07 -0500
committer: Rich Trott <rtrott@gmail.com> 2019-07-20 13:24:58 -0700
commit: 6c288a704453ec7319928495efd0d3c482bcf754
tree: 45793ed29535a70e9af1511111b47ac35702bb4f
parent: 0df3ea09faccd04dc0f0c3022e970e60403b9a6b
policy: add policy-integrity to mitigate policy tampering
PR-URL: https://github.com/nodejs/node/pull/28734
Reviewed-By: Gus Caplan <me@gus.host>
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: Guy Bedford <guybedford@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Diffstat (limited to 'doc/api')
-rw-r--r-- doc/api/cli.md 13
-rw-r--r-- doc/api/policy.md 9
2 files changed, 22 insertions, 0 deletions
diff --git a/doc/api/cli.md b/doc/api/cli.md
index 9c40dc5159..edfa5f1481 100644
--- a/doc/api/cli.md
+++ b/doc/api/cli.md
@@ -446,6 +446,17 @@ unless either the `--pending-deprecation` command line flag, or the
are used to provide a kind of selective "early warning" mechanism that
developers may leverage to detect deprecated API usage.
+### `--policy-integrity=sri`
+<!-- YAML
+added: REPLACEME
+-->
+
+> Stability: 1 - Experimental
+
+Instructs Node.js to error prior to running any code if the policy does not have
+the specified integrity. It expects a [Subresource Integrity][] string as a
+parameter.
+
### `--preserve-symlinks`
<!-- YAML
added: v6.3.0
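Review bot: The new `--policy-integrity=sri` section never says that the flag is only meaningful together with `--experimental-policy`, and it does not describe what happens when the flag is passed without a policy. Suggest adding one sentence stating the dependency and the resulting behaviour, plus a link to the policy documentation so readers landing on cli.md can find the usage example. It would also help to state which hash algorithms are accepted in the SRI string, since the text only says "a [Subresource Integrity][] string".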
@@ -980,6 +991,7 @@ Node.js options that are allowed are:
- `--no-warnings`
- `--openssl-config`
- `--pending-deprecation`
+- `--policy-integrity`
- `--preserve-symlinks-main`
- `--preserve-symlinks`
- `--prof-process`
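Review bot: Listing `--policy-integrity` among the allowed options here means the expected hash can be supplied through this channel as well as on the command line, and the docs do not state the trust assumption that follows. The check only mitigates tampering if the integrity value comes from a place that someone able to modify the policy file cannot also modify. Suggest saying so explicitly in the policy.md paragraph that introduces the flag.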
@@ -1184,6 +1196,7 @@ greater than `4` (its current default value). For more information, see the
[Chrome DevTools Protocol]: https://chromedevtools.github.io/devtools-protocol/
[REPL]: repl.html
[ScriptCoverage]: https://chromedevtools.github.io/devtools-protocol/tot/Profiler#type-ScriptCoverage
+[Subresource Integrity]: https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity
[V8 JavaScript code coverage]: https://v8project.blogspot.com/2017/12/javascript-code-coverage.html
[customizing esm specifier resolution]: esm.html#esm_customizing_esm_specifier_resolution_algorithm
[debugger]: debugger.html
diff --git a/doc/api/policy.md b/doc/api/policy.md
index be7ea3480b..a1955f2b3e 100644
--- a/doc/api/policy.md
+++ b/doc/api/policy.md
@@ -38,6 +38,15 @@ node --experimental-policy=policy.json app.js
The policy manifest will be used to enforce constraints on code loaded by
Node.js.
+In order to mitigate tampering with policy files on disk, an integrity for
+the policy file itself may be provided via `--policy-integrity`.
+This allows running `node` and asserting the policy file contents
+even if the file is changed on disk.
+
+```sh
+node --experimental-policy=policy.json --policy-integrity="sha384-SggXRQHwCG8g+DktYYzxkXRIkTiEYWBHqev0xnpCxYlqMBufKZHAHQM3/boDaI/0" app.js
+```
+
## Features
### Error Behavior
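Review bot: The sentence "This allows running `node` and asserting the policy file contents even if the file is changed on disk" is ambiguous; it can be read as Node.js continuing to run with the original contents after a change. The cli.md text in this same patch says Node.js will "error prior to running any code if the policy does not have the specified integrity", so suggest reusing that wording here. The example also shows a `sha384-...` value without saying how to produce it for a given policy.json; a short note on generating the string would make the example reproducible.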