Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Sandboxing the renderer process #837

Open
hal-shu-sato opened this issue Sep 29, 2022 · 7 comments
Open

Sandboxing the renderer process #837

hal-shu-sato opened this issue Sep 29, 2022 · 7 comments
Assignees
@hal-shu-sato
Labels
Feedback: enhancement New feature or request Priority: high Quick fix is needed Type: refactoring Refactoring codes

Comments

@hal-shu-sato
Copy link
Collaborator

Since Election 20.0.0, renderers are sandboxed by default.
So, we have to think of sandboxing the renderer process.

Reference

https://zenn.dev/sprout2000/books/6f6a0bf2fd301c/viewer/13319
https://developer.mamezou-tech.com/blogs/2022/08/03/electron-renderer-process-sandboxed/
@hal-shu-sato hal-shu-sato added Feedback: enhancement New feature or request Type: refactoring Refactoring codes Priority: high Quick fix is needed labels Sep 29, 2022
@mitosagi
Copy link
Collaborator

The fs-extra, os and electron->shell referenced by preload.ts are affected.

It is necessary to refactor the lib folder into two folders, one for the main process and one for the renderer process.

@hal-shu-sato
Copy link
Collaborator Author

Related to this PR, the idea of #317 may be helpful.

@hal-shu-sato hal-shu-sato self-assigned this Oct 26, 2022
@hal-shu-sato
Copy link
Collaborator Author

If we do this, we can't use electron-log until the feature(megahertz/electron-log#267) is added.

And, there is some problem to do this...
When I use import, the preload script use __dirname and causes an error...
I think webpack causes this problem but I don't know anymore......

@hal-shu-sato
Copy link
Collaborator Author

In electron/forge#2931, a new issue was created and I might find a suggestion in a pull request.

@hal-shu-sato
Copy link
Collaborator Author

I might find the cause.
The cache of webpack-asset-relocator-loader might be the cause.
I change not to run initAssetCache for the renderer process, then the preload script works fine.
But I don't know whether this is the correct fix......

hal-shu-sato added a commit that referenced this issue Nov 16, 2022
@hal-shu-sato
build(webpack): adjust the plugin config
1270007 
#837
hal-shu-sato added a commit that referenced this issue Nov 16, 2022
@hal-shu-sato
refactor(about_window): enable sandbox on the about window
8ed93b2 
#837
This was referenced Nov 16, 2022
Draft
Merged
@hal-shu-sato
Copy link
Collaborator Author

Note: https://code.visualstudio.com/blogs/2022/11/28/vscode-sandbox

@hal-shu-sato
Copy link
Collaborator Author

electron-log v5 (it's beta now) will support the sandbox of the renderer process.

https://github.com/megahertz/electron-log

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@hal-shu-sato hal-shu-sato

Labels
Feedback: enhancement New feature or request Priority: high Quick fix is needed Type: refactoring Refactoring codes
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@hal-shu-sato @mitosagi