Context
The current implementation executes JSONata expressions from schema files without robust sandboxing. While this is acceptable for a CLI tool where users provide their own schemas, we should consider hardening options for processing untrusted schemas.
Current State
- JSONata expressions are executed directly via `jsonata(expr)`
- Security warnings added to README regarding trusted sources
- Users advised to only use schemas from trusted sources
Proposed Hardening Options
Option 1: Current Approach ✅ (Implemented)
- Security documentation + user responsibility
- Only use schemas from trusted sources
- Pros: Simple, no complexity, honest about limitations
- Cons: Requires user vigilance, no technical protection
Option 2: True Sandboxing
- Use `isolated-vm` or worker threads with restricted permissions
- Pros: Actually secure against arbitrary code execution
- Cons: Adds complexity/dependencies, may impact performance
Option 3: Expression Allowlisting
- Validate expressions against safe patterns only
- Prevent constructor escape patterns
- Pros: Prevents known attack vectors, maintains expressiveness
- Cons: May limit legitimate use cases, requires ongoing maintenance
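A sketch of what Option 3 could look like, as an added example that is not the project's code: a lexical pre-check run on each expression before it reaches `jsonata(expr)`. The names `validateExpression`, `DENIED_NAMES` and `ALLOWED_FUNCTIONS`, and the contents of both sets, are assumptions chosen for illustration.

```javascript
// Added example: lexical allowlist check for JSONata expressions (assumed policy).
const DENIED_NAMES = new Set(['constructor', '__proto__', 'prototype']);
// Assumed allowlist of JSONata built-ins. $eval and $lookup are left out on purpose:
// both can reach a name that is only assembled at run time.
const ALLOWED_FUNCTIONS = new Set(['$string', '$number', '$sum', '$count', '$join',
  '$uppercase', '$lowercase', '$substring', '$trim', '$exists']);

// Token kinds, in order: whitespace, comment, "string", 'string', `quoted name`,
// $variable, bare name, then any single character so the scan always advances.
const TOKEN = /\s+|\/\*[\s\S]*?\*\/|"(?:\\.|[^"\\])*"|'(?:\\.|[^'\\])*'|`[^`]*`|\$\w*|[A-Za-z_]\w*|[\s\S]/y;

function validateExpression(expr) {
  const problems = [];
  TOKEN.lastIndex = 0;
  while (TOKEN.lastIndex < expr.length) {
    const tok = TOKEN.exec(expr)[0];
    const first = tok[0];
    if (first === '$') {
      // "$" alone is the context value; every other $name must be allowlisted.
      if (tok !== '$' && !ALLOWED_FUNCTIONS.has(tok)) {
        problems.push(`function or variable not allowlisted: ${tok}`);
      }
    } else if (first === '"' || first === "'" || first === '`') {
      const body = tok.slice(1, -1);
      if (first !== '`' && body.includes('\\')) {
        // Escapes could spell a denied name indirectly, so refuse them outright.
        problems.push('escape sequence in string literal');
      } else if (DENIED_NAMES.has(body)) {
        problems.push(`denied name: ${body}`);
      }
    } else if (/^[A-Za-z_]/.test(tok) && DENIED_NAMES.has(tok)) {
      problems.push(`denied name: ${tok}`);
    }
  }
  return { ok: problems.length === 0, problems };
}

// Constructed sample inputs.
console.log(validateExpression('$sum(items.price)'));
console.log(validateExpression("((data.constructor.constructor('return process')()))"));
```

This check also rejects user-defined variables and any built-in outside the assumed list, which is the "may limit legitimate use cases" cost named above. It is a lexical filter only and does not replace the isolation described in Option 2.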
Option 4: Alternative Expression Library
- Replace JSONata with safer alternatives like JSON Logic
- Pros: No code execution risk, well-defined semantics
- Cons: Less expressive than JSONata, migration effort
Research Needed
- Evaluate `isolated-vm` integration complexity
- Research JSONata expression validation approaches
- Assess performance impact of sandboxing
- Review JSON Logic expressiveness vs current JSONata usage
- Survey other CLI tools' approaches to this problem
Priority
Medium - Current documentation approach is acceptable for trusted use cases, but hardening would enable safer processing of third-party schemas.
References
- Security review identified JSONata injection as potential concern
- Constructor escape: `((data.constructor.constructor('return process')()))`
- Similar tools often use sandboxed VMs or expression validation