
From: Fabien Romano <fabienromano@gmail.com>
Subject: Re: kern_pledge, allow sysctl hw.model & hw.cpuspeed
To: Tobias Heider <tobias.heider@stusta.de>
Cc: tech@openbsd.org
Date: Thu, 20 Jun 2024 21:41:08 +0100

On 20/06/2024 21:03, Tobias Heider wrote:
> On Thu, Jun 20, 2024 at 08:50:21PM +0100, Fabien Romano wrote:
>> I would like to sandbox my electron (chromium based) stuff but many nodejs
>> modules around use something like:
>> var CPU_COUNT = Math.max(os.cpus().length, 1);
>>
>> It's really sad that there is no proper os.ncpu() implementation.
>> Furthermore, those modules come from a package manager (npm, yarn, pnpm) so it's
>> very painful to patch everything again and again.
>>
>> The problem is os.cpus() needs hw.model & hw.cpuspeed but both are not available
>> under pledge(). I can consider patching node itself but I have no idea what to
>> use instead of those sysctls and even if I do there may be some modules in the
>> wild which use the data and not only the length (who knows ... maybe someone uses
>> os.cpus() for what it is).
>>
>> I think my justification isn't very good as there are only two programs
>> (furthermore, wip only) which need it (atm). Anyway I would like to know if this
>> can be considered in the future or maybe right now.
>>
>> Is it an issue to allow those two sysctls?
>>
> 
> Those properties will not change at runtime so the better way to deal with
> this would be reading them once at the start of the program before any
> privileges are dropped and then using that value where needed instead of
> softening the pledge promise.
> 

I would like that very much. I can't do that without a lot of effort. I don't know a
lot about electron internals yet but, depending on how the software is designed,
it starts directly into the chromium sandbox then loads its nodejs app & modules.

Another idea would be to always pre-load those values from electron (even if
os.cpus() isn't called) before the sandbox but doing so in chromium src looks hard.

Allowing those two sysctls is the easiest solution I found but I have no idea if
there is any security issue to consider by providing that information.

Actually, I have limited hope this could be committed but before going the harder
way I think it does not hurt to ask.
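The pattern Tobias suggests in the quoted reply (read hw.model, hw.cpuspeed and the CPU count once at startup, then drop privileges and serve later callers from the cached copy) as an added C example; this is not code from the thread, from Electron or from Node. The sysctl(3) and pledge(2) calls are the real OpenBSD interfaces; the `#else` branch with a labelled placeholder model string and a sysconf(3) CPU count is an assumption added so the example also builds on other systems.

```c
/* Cache the sysctl-backed values before pledge(2), then use the cache.
 * Added illustration of the "read once, then drop privileges" pattern;
 * not the thread's own code.  OpenBSD-only parts are guarded so the file
 * compiles elsewhere with placeholder values (constructed, not real). */
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/types.h>
#ifdef __OpenBSD__
#include <sys/sysctl.h>
#endif

struct hwinfo {
	char model[128];   /* hw.model */
	int  cpuspeed;     /* hw.cpuspeed in MHz, -1 if the host does not expose it */
	int  ncpu;         /* hw.ncpu */
	int  loaded;       /* non-zero once hwinfo_load() has succeeded */
};

static struct hwinfo cache;

/* Must run before drop_privileges(): after pledge("stdio") the kernel would
 * refuse the hw.model / hw.cpuspeed reads the thread is about. */
static int
hwinfo_load(void)
{
#ifdef __OpenBSD__
	int mib[2];
	size_t len;

	mib[0] = CTL_HW;
	mib[1] = HW_MODEL;
	len = sizeof(cache.model);
	if (sysctl(mib, 2, cache.model, &len, NULL, 0) == -1)
		return -1;

	mib[1] = HW_CPUSPEED;
	len = sizeof(cache.cpuspeed);
	if (sysctl(mib, 2, &cache.cpuspeed, &len, NULL, 0) == -1)
		cache.cpuspeed = -1;   /* not fatal: some VMs lack it */

	mib[1] = HW_NCPU;
	len = sizeof(cache.ncpu);
	if (sysctl(mib, 2, &cache.ncpu, &len, NULL, 0) == -1)
		return -1;
#else
	/* Placeholder data on non-OpenBSD hosts (assumption for portability). */
	long n = sysconf(_SC_NPROCESSORS_ONLN);
	snprintf(cache.model, sizeof(cache.model), "%s", "placeholder-cpu-model");
	cache.cpuspeed = -1;
	cache.ncpu = n > 0 ? (int)n : 1;
#endif
	if (cache.ncpu < 1)
		cache.ncpu = 1;        /* same floor as Math.max(..., 1) in the thread */
	cache.loaded = 1;
	return 0;
}

/* Restrict the process; the cached values stay usable afterwards. */
static int
drop_privileges(void)
{
#ifdef __OpenBSD__
	if (pledge("stdio", NULL) == -1)
		return -1;
#endif
	return 0;
}

/* Accessors used instead of re-running sysctl after pledge. */
static int         hwinfo_ncpu(void)     { return cache.loaded ? cache.ncpu : -1; }
static int         hwinfo_cpuspeed(void) { return cache.loaded ? cache.cpuspeed : -1; }
static const char *hwinfo_model(void)    { return cache.loaded ? cache.model : NULL; }

int
main(void)
{
	if (hwinfo_load() == -1) {
		perror("sysctl");
		return 1;
	}
	if (drop_privileges() == -1) {
		perror("pledge");
		return 1;
	}
	printf("model=%s cpuspeed=%d ncpu=%d\n",
	    hwinfo_model(), hwinfo_cpuspeed(), hwinfo_ncpu());
	return 0;
}
```

The order of the two calls in `main` is the whole point: once `pledge("stdio")` is in place the accessors keep answering from `cache`, so nothing in the sandboxed part of the program ever needs the two sysctls that pledge refuses.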