PVF: more filesystem sandboxing (#1373)

Marcin S
2023-09-28 18:24:29 +02:00
committed by GitHub
parent de71fecc4e
commit c1eb342b14
24 changed files with 1528 additions and 612 deletions
@@ -121,10 +121,10 @@ So what are we actually worried about? Things that come to mind:
### Restricting file-system access
A basic security mechanism is to make sure that any thread directly interfacing
with untrusted code does not have access to the file-system. This provides some
protection against attackers accessing sensitive data or modifying data on the
host machine.
A basic security mechanism is to make sure that any process directly interfacing
with untrusted code does not have unnecessary access to the file-system. This
provides some protection against attackers accessing sensitive data or modifying
data on the host machine.
### Clearing env vars
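Review bot: "unnecessary access" in the reworded paragraph under "Restricting file-system access" does not say which access counts as necessary, so a reader cannot tell what the process is still allowed to read or write. Consider listing the kinds of access the process keeps (or linking to where that is defined) and naming the mechanism that enforces the restriction, since the paragraph only promises "some protection". Minor style point: the commit title writes "filesystem" while this section keeps "file-system"; it would be good to settle on one spelling.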