Stream: wasmtime

Topic: The XZ Backdoor and Wasmtime

view this post on Zulip fitzgen (he/him) (Apr 04 2024 at 22:06):

https://bytecodealliance.org/articles/xz-backdoor-and-wasmtime

The XZ Backdoor and Wasmtime
We are aware that the account responsible for the recent XZ backdoorcontributed a documentation-only pull request to Wasmtime, howeverWasmtime’s safety remains intact. We have reviewed the pull request in detailand confirmed that it only...

view this post on Zulip Nuke 🌄 (Apr 09 2024 at 14:15):

Curious about this wrt wasm: IIUC the malware was hidden quite deeply in a test binary ... As #warg and other binary distributions become more common, and the vision of being able to hot swap components inside a composed wasm system very easily becomes realized, what will be the safeguards in place to avoid XZ like issues with them?

view this post on Zulip Nuke 🌄 (Apr 09 2024 at 14:24):

I could imagine as the blog posed in this topic states that module isolation can help. But with wasi fs capable modules most of all, I could see this still happening:

Is it fair to say that there is not explicit hierarchy of components as well? Meaning anywhere in composition a module could import wasi and thus at least request system resources that might be exploited... Right? (Meaning that injection of something malicious could happen in any module)

Is there means to be alerted and/or restricted access per module for auditing wasm bnary packages now? (I bet there could be if wit compliance within the binary is enforced for components with any wasi imports if not yet - it would be at least possible to monitor changes in the wasi imports... But not sure how you could assure no malicous changes in runtime behavior really)

view this post on Zulip Lann Martin (Apr 09 2024 at 14:30):

A (non-root) component cannot get an import directly from the host; it can only receive it from the component that instantiates it. If a composition doesn't provide a wasi instance to some subtree of components there is no way for any component in that subtree to "reach out" and get access to that functionality.

view this post on Zulip Lann Martin (Apr 09 2024 at 14:32):

Is it fair to say that there is not explicit hierarchy of components as well?

Nope! :smile:

view this post on Zulip Lann Martin (Apr 09 2024 at 14:33):

@Luke Wagner's talk on components might of interest to you: YouTube - Keynote: What is a Component (and Why)? - Luke Wagner, Distinguished Engineer, Fastly

Last updated: Nov 22 2024 at 16:03 UTC