gristlabs_grist-core/test
Paul Fitzpatrick 6e15d44cf6 (core) start applying defenses for untrusted document uploads
Summary:
This applies some mitigations suggested by SQLite authors when
opening untrusted SQLite databases, as we do when Grist docs
are uploaded by the user.  See:
  https://www.sqlite.org/security.html#untrusted_sqlite_database_files

Steps implemented in this diff are:
  * Setting `trusted_schema` to off
  * Running a SQLite-level integrity check on uploads

Other steps will require updates to our node-sqlite3 fork, since they
are not available via the node-sqlite3 api (one more reason to migrate
to better-sqlite3).

I haven't yet managed to create a file that triggers an integrity
check failure without also being detected as corruption by sqlite
at a more basic level, so that is a TODO for testing.

Test Plan:
existing tests pass; need to come up with exploits to
actually test the defences and have not yet

Reviewers: dsagal

Reviewed By: dsagal

Differential Revision: https://phab.getgrist.com/D2909
2021-07-14 18:34:27 -04:00
..
nbrowser (core) Refactoring google drive plugin 2021-07-14 09:52:04 +02:00
server (core) start applying defenses for untrusted document uploads 2021-07-14 18:34:27 -04:00
init-mocha-webdriver.js (core) freshen grist-core build 2021-04-03 09:41:06 -04:00
mocha.opts (core) Move report-why-tests-hang helper to core 2021-04-26 23:52:16 -04:00
report-why-tests-hang.js (core) Move report-why-tests-hang helper to core 2021-04-26 23:52:16 -04:00
tsconfig.json (core) freshen grist-core build 2021-04-03 09:41:06 -04:00
xunit-file.js (core) freshen grist-core build 2021-04-03 09:41:06 -04:00