As web has shifted dramatically, in the last decade, and apps turn richer and richer, and while modular systems such as npm has risen, one thing remained static: which is the memory. While developing in native, there are many way to separate different instruction sets to different memory zones (the simplest way is just creating a process), the management of the memory in js is quite global. Technically any reachable memory of js, is reachable from any function; which of course poses a great challenge for all:
- If for some reason an XSS vulnerability is able to run code, it can potentially can read the entire user data in the same scope.
- If for some reason, an attacker is able to inject to existed npm package code, it might be able, also to kidnap data, from any app that uses that module.
The most extreme example I can think of, is for example, an etherum wallet, and a dapp. Most of the code of a dapp should not be able to read the data of the wallet or even interact with, and though it seems there is some progress regarding how to store this data, we can do better.
The proposal:
A script should be able to create a memory sandbox which prevents a from in the sandbox from accessing different function or variable outside the scope. by the default that includes DOM element. Therefore, creating privileged section of code, while maintaining that most of the code will be access only its own “yard”, in an OS-ring like fashion. It can be done by adding a native function, “sandbox”, which accept function and parameters, and returns a sandboxed function. In the future the bundler of the eco-systems, for example webpack, hopefully, will auto sandbox entire modules by default.