-
Notifications
You must be signed in to change notification settings - Fork 644
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add documentation regarding security issues and the status of Wasm proposals #3972
base: main
Are you sure you want to change the base?
Conversation
doc/stability_wasm_proposals.md
Outdated
| Extended Constant Expressions | Yes | N/A | | ||
| Typed Function References | Yes | `WAMR_BUILD_GC` | | ||
| Thread | Yes | `WAMR_BUILD_SHARED_MEMORY` | | ||
| Exception handling[^2] | Yes | `WAMR_BUILD_EXCE_HANDLING` | |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this is misleading because what we have is not the phase 4 version.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes. I will move this one to unimplemented Wasm proposals
@@ -0,0 +1,28 @@ | |||
# About security issues | |||
|
|||
This document aims to explain the process of identifying a security issue and the steps for managing a security issue. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
the expected audiences and purposes of this document are not obvious to me.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The document is intended to:
- Clarify to the community and TSC which types of issues will be recognized as security issues.
- Provide a step-by-step guide on how to handle a security issue once it has been identified.
- Ensure maintainers distinguish security issues from all reported community issues and address them with caution.
- Encourage accurate reporting of security issues, rather than categorizing them as normal issues.
doc/stability_wasm_proposals.md
Outdated
| Legacy Exception handling[^2] | Yes | `WAMR_BUILD_EXCE_HANDLING` | | ||
| WebAssembly C and C++ API | No | N/A | | ||
|
||
[^1]: jit and aot only |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Do we need to classify fast-jit and LLVM-jit?
…t" in the legacy exception handling note
doc/security_need_to_know.md
Outdated
|
||
Before reporting an issue, particularly one related to crashing, consult [the cheat sheet](https://github.com/bytecodealliance/rfcs/blob/main/accepted/what-is-considered-a-security-bug.md#cheat-sheet-is-this-bug-considered-a-security-vulnerability), _Report a security vulnerability_ if it qualifies. | ||
|
||
Upon receiving an issue, thoroughly review [the cheat sheet](https://github.com/bytecodealliance/rfcs/blob/main/accepted/what-is-considered-a-security-bug.md#cheat-sheet-is-this-bug-considered-a-security-vulnerability) to assess and _Report a security vulnerability_ if the issue is indeed a security vulnerability . |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Upon receiving an issue, thoroughly review [the cheat sheet](https://github.com/bytecodealliance/rfcs/blob/main/accepted/what-is-considered-a-security-bug.md#cheat-sheet-is-this-bug-considered-a-security-vulnerability) to assess and _Report a security vulnerability_ if the issue is indeed a security vulnerability . | |
Upon receiving an issue, thoroughly review [the cheat sheet](https://github.com/bytecodealliance/rfcs/blob/main/accepted/what-is-considered-a-security-bug.md#cheat-sheet-is-this-bug-considered-a-security-vulnerability) to assess and _Report a security vulnerability_ if the issue is indeed a security vulnerability. |
doc/security_need_to_know.md
Outdated
- Enables users to perform actions they should not be able to. | ||
- Allows users to deny actions they have performed. | ||
|
||
Given that WASI is a set of Capability-based APIs, all unauthorized actions are not supposed to happen. Most of the above security concerns can be alleviated. What remains for us is to ensure that Wasm modules' execution is secure. In other words, do not compromise the sandbox. Unless it is explicitly disabled beforehand. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Maybe it can be rephrased as "What remains for us is to ensure that the execution of Wasm modules is secure."
doc/stability_wasm_proposals.md
Outdated
| Bulk memory operations | Yes | `WAMR_BUILD_BULK_MEMORY` | | ||
| Fixed-width SIMD[^1] | Yes | `WAMR_BUILD_SIMD` | | ||
| Extended Constant Expressions | Yes | N/A | | ||
| Typed Function References | Yes | `WAMR_BUILD_GC` | |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Maybe type function references should be in off-by-default? Since it needs to enable GC first
doc/stability_wasm_proposals.md
Outdated
| Tail call | Yes | `WAMR_BUILD_TAIL_CALL` | | ||
| Garbage collection | Yes | `WAMR_BUILD_GC` | | ||
| Multiple memories[^3] | Yes | `WAMR_BUILD_MULTI_MEMORY` | | ||
| Memory64 | Yes | `WAMR_BUILD_MEMORY64` | |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
WAMR also have WAMR_BUILD_STRINGREF
for Reference-Typed Strings, although it's only phase 1
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
|
||
## On-by-default Wasm Proposals | ||
|
||
| Proposal | Phase 4 | Compilation Option | |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Marking some proposals as Phase 4
is not verly accurate, in fact, Bulk memory operations
, Fixed-width SIMD
, Multi-value
, Non-trapping float-to-int conversions
and Sign-extension operators
are finished proposals, and Extended Constant Expressions
is in Phase 5
, and some are in Phase 4
. How about changing this column to Phase
and setting its value to Finished
, Phase 5
, Phase 4
or others?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I intended to convey pass phase 4, but evidently, was not clear. Would >= Phase 4 be more accurate?
No description provided.