feat: add --allow-env option for environment variable permissions

Signed-off-by: nabeel378 <[email protected]>

Author: nabeel378

lib/internal/process/permission.js

@@ -46,6 +46,7 @@ module.exports = ObjectFreeze({
       '--allow-fs-write',
       '--allow-addons',
       '--allow-child-process',
+      '--allow-env',
       '--allow-net',
       '--allow-inspector',
       '--allow-wasi',

node.gyp

@@ -173,6 +173,7 @@
       'src/path.cc',
       'src/permission/child_process_permission.cc',
       'src/permission/ffi_permission.cc',
+      'src/permission/env_var_permission.cc',
       'src/permission/fs_permission.cc',
       'src/permission/inspector_permission.cc',
       'src/permission/permission.cc',
@@ -309,6 +310,7 @@
       'src/path.h',
       'src/permission/child_process_permission.h',
       'src/permission/ffi_permission.h',
+      'src/permission/env_var_permission.h',
       'src/permission/fs_permission.h',
       'src/permission/inspector_permission.h',
       'src/permission/permission.h',

src/env.cc

@@ -949,6 +949,13 @@ Environment::Environment(IsolateData* isolate_data,
       permission()->Apply(this, {"*"}, permission::PermissionScope::kWASI);
     }
 
+    if (!options_->allow_env.empty()) {
+      permission()->Apply(
+          this, options_->allow_env, permission::PermissionScope::kEnvVar);
+    } else {
+      permission()->Apply(this, {}, permission::PermissionScope::kEnvVar);
+    }
+
     // Implicit allow entrypoint to kFileSystemRead
     if (!options_->has_eval_string && !options_->force_repl) {
       std::string first_argv;

src/node_env_var.cc

@@ -4,6 +4,7 @@
 #include "node_external_reference.h"
 #include "node_i18n.h"
 #include "node_process-inl.h"
+#include "permission/permission.h"
 #include "util.h"
 
 #include <time.h>  // tzset(), _tzset()
@@ -435,6 +436,14 @@ static Intercepted EnvGetter(Local<Name> property,
     return Intercepted::kYes;
   }
   CHECK(property->IsString());
+
+  Utf8Value key(env->isolate(), property);
+  if (env->permission()->enabled() &&
+      !env->permission()->is_granted(
+          env, permission::PermissionScope::kEnvVar, key.ToStringView())) {
+    return Intercepted::kNo;
+  }
+
   MaybeLocal<String> value_string =
       env->env_vars()->Get(env->isolate(), property.As<String>());
 
@@ -453,6 +462,16 @@ static Intercepted EnvSetter(Local<Name> property,
                              const PropertyCallbackInfo<void>& info) {
   Environment* env = Environment::GetCurrent(info);
   CHECK(env->has_run_bootstrapping_code());
+
+  if (property->IsString()) {
+    Utf8Value key(env->isolate(), property);
+    THROW_IF_INSUFFICIENT_PERMISSIONS(
+        env,
+        permission::PermissionScope::kEnvVar,
+        key.ToStringView(),
+        Intercepted::kYes);
+  }
+
   // calling env->EmitProcessEnvWarning() sets a variable indicating that
   // warnings have been emitted. It should be called last after other
   // conditions leading to a warning have been met.
@@ -489,6 +508,13 @@ static Intercepted EnvQuery(Local<Name> property,
   Environment* env = Environment::GetCurrent(info);
   CHECK(env->has_run_bootstrapping_code());
   if (property->IsString()) {
+    Utf8Value key(env->isolate(), property);
+    if (env->permission()->enabled() &&
+        !env->permission()->is_granted(
+            env, permission::PermissionScope::kEnvVar, key.ToStringView())) {
+      return Intercepted::kNo;
+    }
+
     int32_t rc = env->env_vars()->Query(env->isolate(), property.As<String>());
     bool has_env = (rc != -1);
     TraceEnvVar(env, "query", property.As<String>());
@@ -506,6 +532,13 @@ static Intercepted EnvDeleter(Local<Name> property,
   Environment* env = Environment::GetCurrent(info);
   CHECK(env->has_run_bootstrapping_code());
   if (property->IsString()) {
+    Utf8Value key(env->isolate(), property);
+    THROW_IF_INSUFFICIENT_PERMISSIONS(
+        env,
+        permission::PermissionScope::kEnvVar,
+        key.ToStringView(),
+        Intercepted::kYes);
+
     env->env_vars()->Delete(env->isolate(), property.As<String>());
 
     TraceEnvVar(env, "delete", property.As<String>());
@@ -525,7 +558,24 @@ static void EnvEnumerator(const PropertyCallbackInfo<Array>& info) {
 
   Local<Array> ret;
   if (env->env_vars()->Enumerate(env->isolate()).ToLocal(&ret)) {
-    info.GetReturnValue().Set(ret);
+    if (env->permission()->enabled()) {
+      LocalVector<Value> filtered(env->isolate());
+      for (uint32_t i = 0; i < ret->Length(); i++) {
+        Local<Value> elem;
+        if (!ret->Get(env->context(), i).ToLocal(&elem)) continue;
+        Utf8Value key(env->isolate(), elem);
+        if (env->permission()->is_granted(
+                env,
+                permission::PermissionScope::kEnvVar,
+                key.ToStringView())) {
+          filtered.push_back(elem);
+        }
+      }
+      info.GetReturnValue().Set(
+          Array::New(env->isolate(), filtered.data(), filtered.size()));
+    } else {
+      info.GetReturnValue().Set(ret);
+    }
   }
 }
 

src/node_options.cc

@@ -712,6 +712,12 @@ EnvironmentOptionsParser::EnvironmentOptionsParser() {
             kAllowedInEnvvar,
             false,
             OptionNamespaces::kPermissionNamespace);
+  AddOption("--allow-env",
+            "allow access to environment variables when any permissions are "
+            "set",
+            &EnvironmentOptions::allow_env,
+            kAllowedInEnvvar,
+            OptionNamespaces::kPermissionNamespace);
   AddOption("--experimental-repl-await",
             "experimental await keyword support in REPL",
             &EnvironmentOptions::experimental_repl_await,

src/node_options.h

@@ -147,6 +147,7 @@ class EnvironmentOptions : public Options {
   bool allow_wasi = false;
   bool allow_ffi = false;
   bool allow_worker_threads = false;
+  std::vector<std::string> allow_env;
   bool experimental_repl_await = true;
   bool experimental_vm_modules = false;
   bool async_context_frame = true;

src/permission/env_var_permission.cc

@@ -0,0 +1,42 @@
+#include "env_var_permission.h"
+
+#include <string>
+#include <vector>
+
+namespace node {
+
+namespace permission {
+
+void EnvVarPermission::Apply(Environment* env,
+                             const std::vector<std::string>& allow,
+                             PermissionScope scope) {
+  deny_all_ = true;
+  if (!allow.empty()) {
+    if (allow.size() == 1 && allow[0] == "*") {
+      allow_all_ = true;
+      return;
+    }
+    for (const std::string& arg : allow) {
+      allowed_env_vars_.insert(arg);
+    }
+  }
+}
+
+bool EnvVarPermission::is_granted(Environment* env,
+                                  PermissionScope perm,
+                                  const std::string_view& param) const {
+  if (deny_all_) {
+    if (allow_all_) {
+      return true;
+    }
+    if (param.empty()) {
+      return false;
+    }
+    return allowed_env_vars_.find(std::string(param)) !=
+           allowed_env_vars_.end();
+  }
+  return true;
+}
+
+}  // namespace permission
+}  // namespace node

src/permission/env_var_permission.h

@@ -0,0 +1,35 @@
+#ifndef SRC_PERMISSION_ENV_VAR_PERMISSION_H_
+#define SRC_PERMISSION_ENV_VAR_PERMISSION_H_
+
+#if defined(NODE_WANT_INTERNALS) && NODE_WANT_INTERNALS
+
+#include <set>
+#include <string>
+#include <vector>
+#include "permission/permission_base.h"
+
+namespace node {
+
+namespace permission {
+
+class EnvVarPermission final : public PermissionBase {
+ public:
+  void Apply(Environment* env,
+             const std::vector<std::string>& allow,
+             PermissionScope scope) override;
+  bool is_granted(Environment* env,
+                  PermissionScope perm,
+                  const std::string_view& param = "") const override;
+
+ private:
+  bool deny_all_ = false;
+  bool allow_all_ = false;
+  std::set<std::string> allowed_env_vars_;
+};
+
+}  // namespace permission
+
+}  // namespace node
+
+#endif  // defined(NODE_WANT_INTERNALS) && NODE_WANT_INTERNALS
+#endif  // SRC_PERMISSION_ENV_VAR_PERMISSION_H_

src/permission/permission.cc

@@ -48,6 +48,8 @@ constexpr std::string_view GetDiagnosticsChannelName(PermissionScope scope) {
       return "node:permission-model:addon";
     case PermissionScope::kFFI:
       return "node:permission-model:ffi";
+    case PermissionScope::kEnvVar:
+      return "node:permission-model:env";
     default:
       return {};
   }
@@ -108,6 +110,8 @@ Permission::Permission() : enabled_(false), warning_only_(false) {
   std::shared_ptr<PermissionBase> net = std::make_shared<NetPermission>();
   std::shared_ptr<PermissionBase> addon = std::make_shared<AddonPermission>();
   std::shared_ptr<FFIPermission> ffi = std::make_shared<FFIPermission>();
+  std::shared_ptr<PermissionBase> env_var =
+      std::make_shared<EnvVarPermission>();
 #define V(Name, _, __, ___)                                                    \
   nodes_.insert(std::make_pair(PermissionScope::k##Name, fs));
   FILESYSTEM_PERMISSIONS(V)
@@ -139,6 +143,8 @@ Permission::Permission() : enabled_(false), warning_only_(false) {
 #define V(Name, _, __, ___)                                                    \
   nodes_.insert(std::make_pair(PermissionScope::k##Name, ffi));
   FFI_PERMISSIONS(V)
+  nodes_.insert(std::make_pair(PermissionScope::k##Name, env_var));
+  ENV_VAR_PERMISSIONS(V)
 #undef V
 }
 

src/permission/permission.h

@@ -9,6 +9,7 @@
 #include "permission/addon_permission.h"
 #include "permission/child_process_permission.h"
 #include "permission/ffi_permission.h"
+#include "permission/env_var_permission.h"
 #include "permission/fs_permission.h"
 #include "permission/inspector_permission.h"
 #include "permission/net_permission.h"