tsai
/
thingsboard
mirror of https://github.com/thingsboard/thingsboard.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Security: enable Node.js Permission Model for JS executor 

Add --permission and --allow-fs-read=/usr/share/tb-js-executor/* to
NODE_OPTIONS to restrict filesystem access and sandbox script execution.
pull/15680/head
pon0marev 1 week ago
parent
c349342ac1
commit
acfdcf7681
1 changed files with 1 additions and 1 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 2
      docker/tb-js-executor.env

2
docker/tb-js-executor.env
View File

@ -4,4 +4,4 @@ LOG_FOLDER=logs
LOGGER_FILENAME=tb-js-executor-%DATE%.log
DOCKER_MODE=true
SCRIPT_BODY_TRACE_FREQUENCY=1000
NODE_OPTIONS="--max-old-space-size=200"
NODE_OPTIONS="--max-old-space-size=200 --permission --allow-fs-read=/usr/share/tb-js-executor/*"

Write Preview
Loading…
Cancel
Save