restrict
v0.0.9
Published
Restricts applications from calling certain methods on process and all methods on child_process
Downloads
928
Readme
restrict
Nodejs module that blocks applications from using procss.binding('process_wrap'), process.kill and child_process methods. This protects applications from invoking these methods unintentionally, that could harm the functioning of the framework or application being developed.
This package is tested only with Node versions 8 and 10.
install
With npm do:
npm install restrict
usage
var restrict = require('restrict');
// ls is whitelisted
restrict({
'whitelist': ['ls'],
'whitelistPath': ['/bin']
});
//set whitelist can be invoked, if the whitelist is dynamic
restrict.setWhitelist(['grep'], ['/bin', '/usr/bin']);
var child_process = require('child_process');
try {
// ls is whitelisted. So you can see the output of ls
child_process.exec('/bin/ls', function (err, stdout, stderr) {
console.log(stdout);
});
// grep is not whitelisted. Exception thrown
child_process.spawn('grep', ['ssh']);
} catch (e) {
//this will throw an error
//[Error: Function call spawn() is prohibited in this environment.]
console.log(e);
}
try {
process.kill(30);
} catch (e) {
//this will throw an error
//[Error: Function call process.kill() is prohibited in this environment.]
console.log(e);
}