You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently, host agents have the privilege of using evaluate, makeBundle, storeValue, and storeBlob, all of which are safe to extend to guest agents.
Description of the Design
Move these implementations to mail.js (which is clearly supposed to be named agent.js in MMXXIV) and expose them to both guest.js and host.js. We may need to take care to ensure that the guest can only use a worker named by the guest (not NEW). The solution to that problem may simply to remove the NEW complication entirely.
Security Considerations
Make sure guests don’t implicitly get a capability to spawn an arbitrary number of workers.
Scaling Considerations
Make sure guests don’t implicitly get a capability to spawn an arbitrary number of workers.
Test Plan
Do so.
Compatibility Considerations
Break them.
Upgrade Considerations
Not yet.
The text was updated successfully, but these errors were encountered:
What is the Problem Being Solved?
Currently, host agents have the privilege of using
evaluate
,makeBundle
,storeValue
, andstoreBlob
, all of which are safe to extend to guest agents.Description of the Design
Move these implementations to
mail.js
(which is clearly supposed to be namedagent.js
in MMXXIV) and expose them to bothguest.js
andhost.js
. We may need to take care to ensure that the guest can only use a worker named by the guest (notNEW
). The solution to that problem may simply to remove theNEW
complication entirely.Security Considerations
Make sure guests don’t implicitly get a capability to spawn an arbitrary number of workers.
Scaling Considerations
Make sure guests don’t implicitly get a capability to spawn an arbitrary number of workers.
Test Plan
Do so.
Compatibility Considerations
Break them.
Upgrade Considerations
Not yet.
The text was updated successfully, but these errors were encountered: