Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

inspector: added --inspect-publish-uid #27741

Closed
wants to merge 1 commit into from

Conversation

alexkozy
Copy link
Member

@alexkozy alexkozy commented May 16, 2019

This flag specifies how inspector websocket url should be exposed.
Supported options:

  • stderr - reports websocket as a message to stderr,
  • http - exposes /json/list endpoint that contains inspector websocket
    url,
  • binding - require('inspector').url().

Related discussion: nodejs/diagnostics#303

Checklist
  • make -j4 test (UNIX), or vcbuild test (Windows) passes
  • tests and/or benchmarks are included
  • documentation is changed or added
  • commit message follows commit guidelines

@alexkozy alexkozy requested a review from eugeneo May 16, 2019 22:43
@nodejs-github-bot
Copy link
Collaborator

@nodejs-github-bot nodejs-github-bot added c++ Issues and PRs that require attention from people who are familiar with C++. lib / src Issues and PRs related to general changes in the lib or src directory. labels May 16, 2019
@alexkozy alexkozy added the inspector Issues and PRs related to the V8 inspector protocol label May 16, 2019
src/inspector_io.h Outdated Show resolved Hide resolved
src/inspector_socket_server.cc Outdated Show resolved Hide resolved
src/inspector_socket_server.cc Outdated Show resolved Hide resolved
@alexkozy alexkozy force-pushed the inspect-publish-uid branch 2 times, most recently from 379d809 to 5070b54 Compare May 17, 2019 23:05
@alexkozy
Copy link
Member Author

alexkozy commented May 17, 2019

I addressed comments and added another option - binding. When this option is not presented, require('inspector').url() returns undefined.

src/node_options.cc Outdated Show resolved Hide resolved
src/inspector_js_api.cc Outdated Show resolved Hide resolved
@eugeneo
Copy link
Contributor

eugeneo commented May 17, 2019

I addressed comments and added another option - binding. When this option is not presented, require('inspector').url() returns undefined.

IMHO, that's unnecessary. Code that can access inspector API can already do pretty much anything.

Copy link
Contributor

@eugeneo eugeneo left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approved modulo other review comments.

@alexkozy alexkozy force-pushed the inspect-publish-uid branch from 5070b54 to d48d6b4 Compare May 17, 2019 23:31
@alexkozy
Copy link
Member Author

I addressed comments and added another option - binding. When this option is not presented, require('inspector').url() returns undefined.

IMHO, that's unnecessary. Code that can access inspector API can already do pretty much anything.

I removed binding from this PR and I'd like to create separate one and when binding is not passed - disable inspector JS bindings all together. WDYT?

@eugeneo
Copy link
Contributor

eugeneo commented May 17, 2019

I removed binding from this PR and I'd like to create separate one and when binding is not passed - disable inspector JS bindings all together. WDYT?

I think that would warrant more discussions. I do not see utility of disabling the bindings. It would not help with the security (JS bindings are only accessible from inside the Node runtime).

My main concern is that people would disable JS bindings "for security" and end up confused why some ecosystem tools stop working.

@alexkozy alexkozy force-pushed the inspect-publish-uid branch from d48d6b4 to 177866f Compare May 18, 2019 00:32
@alexkozy
Copy link
Member Author

I think that would warrant more discussions. I do not see utility of disabling the bindings. It would not help with the security (JS bindings are only accessible from inside the Node runtime).

Imagine for a second compromised superpopular package that uses inspector to get anything from any package around violating any module/function scopes. It can access any other package information, it can open inspector websocket url and send it somewhere.

In general if I can inject some code to Node process using compromised dependency or some other way, I get access to part of JS heap but not to everything. As soon as I can use inspector in this snippet - I get access to everything.

My main concern is that people would disable JS bindings "for security" and end up confused why some ecosystem tools stop working.

If people need some tool to work then they need to allow inspection. And some ecosystem tool can easily check that inspection flag was not passed and ask user to pass it - it is not a big deal.

@nodejs-github-bot
Copy link
Collaborator

@Trott
Copy link
Member

Trott commented May 30, 2019

@eugeneo @ak239 Can/should this land? Or do you two still need to work out stuff?

@alexkozy
Copy link
Member Author

I need to fix a test first.

@Trott Trott added the blocked PRs that are blocked by other issues or PRs. label Jun 1, 2019
@Trott
Copy link
Member

Trott commented Jun 1, 2019

I need to fix a test first.

OK, thanks! I've added the blocked label. (When the test is fixed, remove it!)

@alexkozy alexkozy force-pushed the inspect-publish-uid branch from 177866f to 7129b9e Compare June 3, 2019 07:55
@nodejs-github-bot
Copy link
Collaborator

@alexkozy alexkozy force-pushed the inspect-publish-uid branch from 7129b9e to 106f4bf Compare June 3, 2019 08:47
@nodejs-github-bot
Copy link
Collaborator

This flag specifies how inspector websocket url should be reported.
Tthre options are supported:
- stderr - reports websocket as a message to stderr,
- http - exposes /json/list endpoint that contains inspector websocket
  url,
- binding - require('inspector').url().

Related discussion: nodejs/diagnostics#303
@alexkozy alexkozy force-pushed the inspect-publish-uid branch from 106f4bf to ccc51ca Compare June 3, 2019 09:02
@nodejs-github-bot
Copy link
Collaborator

@nodejs-github-bot
Copy link
Collaborator

@nodejs-github-bot
Copy link
Collaborator

@nodejs-github-bot
Copy link
Collaborator

@alexkozy alexkozy removed the blocked PRs that are blocked by other issues or PRs. label Jun 3, 2019
@alexkozy
Copy link
Member Author

alexkozy commented Jun 3, 2019

Landed in f0018a5

@alexkozy alexkozy closed this Jun 3, 2019
alexkozy added a commit that referenced this pull request Jun 3, 2019
This flag specifies how inspector websocket url should be reported.
Tthre options are supported:
- stderr - reports websocket as a message to stderr,
- http - exposes /json/list endpoint that contains inspector websocket
  url,
- binding - require('inspector').url().

Related discussion: nodejs/diagnostics#303

PR-URL: #27741
Reviewed-By: Eugene Ostroukhov <eostroukhov@google.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
BridgeAR pushed a commit that referenced this pull request Jun 17, 2019
This flag specifies how inspector websocket url should be reported.
Tthre options are supported:
- stderr - reports websocket as a message to stderr,
- http - exposes /json/list endpoint that contains inspector websocket
  url,
- binding - require('inspector').url().

Related discussion: nodejs/diagnostics#303

PR-URL: #27741
Reviewed-By: Eugene Ostroukhov <eostroukhov@google.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
@BridgeAR BridgeAR mentioned this pull request Jun 17, 2019
@@ -980,6 +987,7 @@ Node.js options that are allowed are:
- `--inspect`
- `--inspect-brk`
- `--inspect-port`
- `--inspect-publish-uid`
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This should also be documented in ./doc/node.1.

@BridgeAR
Copy link
Member

Should this actually be semver-minor?

@BridgeAR BridgeAR added the semver-minor PRs that contain new features and should be released in the next minor version. label Jun 20, 2019
@alexkozy alexkozy deleted the inspect-publish-uid branch June 20, 2019 17:07
@alexkozy alexkozy restored the inspect-publish-uid branch June 20, 2019 17:07
@alexkozy
Copy link
Member Author

@BridgeAR this pull request does not change default behavior so I believe we do not need semver-minor for it.

@BridgeAR
Copy link
Member

@ak239 if it would change the default, I'd expect it to be semver-major? We normally declare all new features as semver-minor.

@alexkozy
Copy link
Member Author

@BridgeAR I see, thank you for clarification. It is new feature so semver-minor sounds good to me.

BridgeAR added a commit that referenced this pull request Jun 26, 2019
Notable changes:

This release contains `semver-major` commits. These are in fact not
`semver-major` due to follow-up commits that remove all breaking changes.

* build:
  * The startup time is reduced by enabling V8 snapshots by default
    #28181
* deps:
  * Updated `V8` to 7.5.288.22 #27375
    * The numeric separator (v8.dev/features/numeric-separators) feature is now
      enabled by default
  * Updated `OpenSSL` to 1.1.1c #28211
* inspector:
  * The `--inspect-publish-uid` flag was added to specify ways of the inspector
    web socket url exposure #27741
* n-api:
  * Accessors on napi_define_* are now ECMAScript-compliant
    #27851
* report:
  * The cpu info got added to the report output
    #28188
* src:
  * Restore the original state of the stdio file descriptors on exit to prevent
    leaving stdio in raw or non-blocking mode
    #24260
* tools,gyp:
  * Introduce MSVS 2019 #27375
* util:
  * inspect:
    * Array grouping became more compact and uses more columns than before
      #28059
      #28070
    * Long strings will not be split at 80 characters anymore. Instead they will
      be split on new lines #28055
* worker:
  * `worker.terminate()` now returns a promise and using the callback is
    deprecated #28021

PR-URL: #28268
BridgeAR added a commit that referenced this pull request Jun 26, 2019
Notable changes:

* build:
  * The startup time is reduced by enabling V8 snapshots by default
    #28181
* deps:
  * Updated `V8` to 7.5.288.22 #27375
    * The numeric separator (v8.dev/features/numeric-separators) feature is now
      enabled by default
  * Updated `OpenSSL` to 1.1.1c #28211
* inspector:
  * The `--inspect-publish-uid` flag was added to specify ways of the inspector
    web socket url exposure #27741
* n-api:
  * Accessors on napi_define_* are now ECMAScript-compliant
    #27851
* report:
  * The cpu info got added to the report output
    #28188
* src:
  * Restore the original state of the stdio file descriptors on exit to prevent
    leaving stdio in raw or non-blocking mode
    #24260
* tools,gyp:
  * Introduce MSVS 2019 #27375
* util:
  * inspect:
    * Array grouping became more compact and uses more columns than before
      #28059
      #28070
    * Long strings will not be split at 80 characters anymore. Instead they will
      be split on new lines #28055
* worker:
  * `worker.terminate()` now returns a promise and using the callback is
    deprecated #28021

PR-URL: #28268
BridgeAR added a commit that referenced this pull request Jun 26, 2019
Notable changes:

* build:
  * The startup time is reduced by enabling V8 snapshots by default
    #28181
* deps:
  * Updated `V8` to 7.5.288.22 #27375
    * The numeric separator (v8.dev/features/numeric-separators) feature is now
      enabled by default
  * Updated `OpenSSL` to 1.1.1c #28211
* inspector:
  * The `--inspect-publish-uid` flag was added to specify ways of the inspector
    web socket url exposure #27741
* n-api:
  * Accessors on napi_define_* are now ECMAScript-compliant
    #27851
* report:
  * The cpu info got added to the report output
    #28188
* src:
  * Restore the original state of the stdio file descriptors on exit to prevent
    leaving stdio in raw or non-blocking mode
    #24260
* tools,gyp:
  * Introduce MSVS 2019 #27375
* util:
  * inspect:
    * Array grouping became more compact and uses more columns than before
      #28059
      #28070
    * Long strings will not be split at 80 characters anymore. Instead they will
      be split on new lines #28055
* worker:
  * `worker.terminate()` now returns a promise and using the callback is
    deprecated #28021

PR-URL: #28268
BridgeAR added a commit that referenced this pull request Jun 27, 2019
Notable changes:

* build:
  * The startup time is reduced by enabling V8 snapshots by default
    #28181
* deps:
  * Updated `V8` to 7.5.288.22 #27375
    * The numeric separator (v8.dev/features/numeric-separators) feature is now
      enabled by default
  * Updated `OpenSSL` to 1.1.1c #28211
* inspector:
  * The `--inspect-publish-uid` flag was added to specify ways of the inspector
    web socket url exposure #27741
* n-api:
  * Accessors on napi_define_* are now ECMAScript-compliant
    #27851
* report:
  * The cpu info got added to the report output
    #28188
* src:
  * Restore the original state of the stdio file descriptors on exit to prevent
    leaving stdio in raw or non-blocking mode
    #24260
* tools,gyp:
  * Introduce MSVS 2019 #27375
* util:
  * inspect:
    * Array grouping became more compact and uses more columns than before
      #28059
      #28070
    * Long strings will not be split at 80 characters anymore. Instead they will
      be split on new lines #28055
* worker:
  * `worker.terminate()` now returns a promise and using the callback is
    deprecated #28021

PR-URL: #28268
BridgeAR added a commit to BridgeAR/node that referenced this pull request Jun 27, 2019
Notable changes:

* build:
  * The startup time is reduced by enabling V8 snapshots by default
    nodejs#28181
* deps:
  * Updated `V8` to 7.5.288.22 nodejs#27375
    * The numeric separator (v8.dev/features/numeric-separators) feature is now
      enabled by default
  * Updated `OpenSSL` to 1.1.1c nodejs#28211
* inspector:
  * The `--inspect-publish-uid` flag was added to specify ways of the inspector
    web socket url exposure nodejs#27741
* n-api:
  * Accessors on napi_define_* are now ECMAScript-compliant
    nodejs#27851
* report:
  * The cpu info got added to the report output
    nodejs#28188
* src:
  * Restore the original state of the stdio file descriptors on exit to prevent
    leaving stdio in raw or non-blocking mode
    nodejs#24260
* tools,gyp:
  * Introduce MSVS 2019 nodejs#27375
* util:
  * inspect:
    * Array grouping became more compact and uses more columns than before
      nodejs#28059
      nodejs#28070
    * Long strings will not be split at 80 characters anymore. Instead they will
      be split on new lines nodejs#28055
* worker:
  * `worker.terminate()` now returns a promise and using the callback is
    deprecated nodejs#28021

PR-URL: nodejs#28268
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
c++ Issues and PRs that require attention from people who are familiar with C++. inspector Issues and PRs related to the V8 inspector protocol lib / src Issues and PRs related to general changes in the lib or src directory. semver-minor PRs that contain new features and should be released in the next minor version.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

8 participants