Paul Fitzpatrick 6e15d44cf6 (core) start applying defenses for untrusted document uploads ... Summary: This applies some mitigations suggested by SQLite authors when opening untrusted SQLite databases, as we do when Grist docs are uploaded by the user. See: https://www.sqlite.org/security.html#untrusted_sqlite_database_files Steps implemented in this diff are: * Setting `trusted_schema` to off * Running a SQLite-level integrity check on uploads Other steps will require updates to our node-sqlite3 fork, since they are not available via the node-sqlite3 api (one more reason to migrate to better-sqlite3). I haven't yet managed to create a file that triggers an integrity check failure without also being detected as corruption by sqlite at a more basic level, so that is a TODO for testing. Test Plan: existing tests pass; need to come up with exploits to actually test the defences and have not yet Reviewers: dsagal Reviewed By: dsagal Differential Revision: https://phab.getgrist.com/D2909		2021-07-14 18:34:27 -04:00
..
client	(core) Refactoring google drive plugin	2021-07-14 09:52:04 +02:00
common	(core) Refactoring google drive plugin	2021-07-14 09:52:04 +02:00
gen-server	(core) link AppSumo activations with stripe, and support upgrades/downgrades	2021-06-24 10:18:42 -04:00
plugin	(core) Showing censored values as a grey cell	2021-06-07 13:11:41 +02:00
server	(core) start applying defenses for untrusted document uploads	2021-07-14 18:34:27 -04:00
tsconfig.json	(core) move home server into core	2020-07-21 20:39:10 -04:00