gristlabs_grist-core/app/client
Paul Fitzpatrick 134ae99e9a (core) add gvisor-based sandboxing to core
Summary:
This adds support for gvisor sandboxing in core. When Grist is run outside of a container, regular gvisor can be used (if on linux), and will run in rootless mode. When Grist is run inside a container, docker's default policy is insufficient for running gvisor, so a fork of gvisor is used that has less defence-in-depth but can run without privileges.

Sandboxing is automatically turned on in the Grist core container. It is not turned on automatically when built from source, since it is operating-system dependent.

This diff may break a complex method of testing Grist with gvisor on macs that I may have been the only person using. If anyone complains I'll find time on a mac to fix it :)

This diff includes a small "easter egg" to force document loads, primarily intended for developer use.

Test Plan: existing tests pass; checked that core and saas docker builds function

Reviewers: alexmojaki

Reviewed By: alexmojaki

Subscribers: alexmojaki

Differential Revision: https://phab.getgrist.com/D3333
2022-03-24 17:04:49 -04:00
..
aclui (core) add a user.SessionID value for trigger formulas and granular access rules 2022-02-22 12:50:43 -05:00
components (core) Undo bug with summary table and raw data view 2022-03-24 20:03:33 +01:00
lib (core) Conditional formatting rules 2022-03-23 13:15:02 +01:00
models (core) Conditional formatting rules 2022-03-23 13:15:02 +01:00
ui (core) add gvisor-based sandboxing to core 2022-03-24 17:04:49 -04:00
ui2018 (core) Conditional formatting rules 2022-03-23 13:15:02 +01:00
widgets (core) Conditional formatting rules 2022-03-23 13:15:02 +01:00
accountMain.ts (core) Enable MFA configuration (and add SMS) 2022-01-19 13:55:54 -08:00
app.css (core) Make mobile the default mode. 2021-02-25 11:31:43 -05:00
app.js (core) Disable bfcache for all browsers 2021-11-24 09:47:00 -08:00
browserCheck.ts (core) fix browser check and favicon in grist-core 2022-01-05 18:15:05 -05:00
declarations.d.ts (core) Conditional formatting rules 2022-03-23 13:15:02 +01:00
errorMain.ts (core) Enable MFA configuration (and add SMS) 2022-01-19 13:55:54 -08:00
exposeModulesForTests.js (core) Some cleanup: remove old unused modules. 2020-11-20 11:23:20 -05:00
logo.css (core) Cleanup removing some old unused files, fixing logo.css, and removing #grist-app. 2020-10-09 17:04:09 -04:00
tsconfig.json (core) Migrate to SRP and add change password dialog 2022-03-16 21:35:06 -07:00