content/blog/security.mdx (2 additions & 2 deletions)
@@ -94,7 +94,7 @@ Part of nteract's security story is the framework we chose to build on.
94
94
95
95
The original nteract was Electron. Electron bundles Chromium with full Node.js access — every renderer process can `require('child_process')` and run shell commands unless you carefully restrict it. That's a lot of surface area to defend, and a single `nodeIntegration: true` away from disaster.
96
96
97
-
[Tauri](https://tauri.app/) flips this. The frontend is a native webview with no Node.js. There's no `require`, no `child_process`, no `fs` available to JavaScript by default. The backend is Rust. Every native capability — filesystem access, shell commands, HTTP requests — must be explicitly granted through a capability system. If we don't allowlist it, the frontend can't do it.
97
+
[Tauri](https://tauri.app/) flips this. The frontend is a native webview with no Node.js. There's no `require`, no `child_process`, no `fs` available to JavaScript by default. The backend is Rust. Every native capability — filesystem access, shell commands, HTTP requests — must be explicitly granted through a [capability system](https://github.com/nteract/desktop/issues/908). If we don't allowlist it, the frontend can't do it.
98
98
99
99
This matters for notebooks because the webview is where untrusted outputs render. In Electron, a sandbox escape in an output iframe could reach Node.js APIs. In Tauri, even if an iframe somehow escaped its sandbox, there's nothing on the other side — no runtime to hijack, no implicit native access. The webview is a dead end by design.
100
100
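Review bot: The new link sends "capability system" to nteract issue #908, a tracking issue in this repo, rather than to Tauri's own capabilities documentation, and that same issue appears further down this page as roadmap work ("Scoped Tauri capabilities: each window gets only the native permissions it actually needs, not the full set"). Read together, that undercuts the unqualified claim on the same line that "If we don't allowlist it, the frontend can't do it": if per-window scoping is still open, windows today receive a broader capability set than they need. Suggest keeping "capability system" pointed at Tauri's documentation and adding the issue as a separate, honest pointer, for example `...explicitly granted through Tauri's capability system (we are still [tightening per-window scope](https://github.com/nteract/desktop/issues/908)).`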
@@ -115,6 +115,6 @@ None of these are revolutionary ideas individually. But notebooks have operated
115
115
*[Secret redaction](https://github.com/nteract/desktop/issues/1557): if your code accidentally prints an API key, nteract catches it at the daemon and redacts it before any client — UI, agent, or blob store — ever sees the value.
116
116
*[Runtime sandboxing](https://github.com/nteract/desktop/issues/1307): OS-level process isolation for kernel subprocesses, so untrusted code runs with only the access it needs — project files, packages, and localhost. Opt-in at first, with the long-term goal of sandboxing agent-initiated sessions by default.
117
117
*[Remote runtimes over SSH](https://github.com/nteract/desktop/issues/1334): run kernels on remote machines, tunneled through SSH. No new auth systems, no exposed ports.
118
-
*[Scoped Tauri capabilities](https://github.com/nteract/desktop/issues/908): each window gets only the native permissions it actually needs, not the full set.
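Review bot: Only the `-` side of the change at old line 118 is visible here; the header `@@ -115,6 +115,6 @@` says this hunk is a one-for-one replacement, but no `+` line follows, so as rendered the "Scoped Tauri capabilities" bullet is simply deleted. Please confirm the replacement line landed, and if the bullet was reworded, keep it stating plainly that per-window scoping is future work, since the Tauri paragraph above now links "capability system" to this same issue #908 as though it were already in place. Separately, the bullets in this hunk read `*[Secret redaction]...` with no space after the `*`; if that is how the source reads rather than an artifact of this view, CommonMark will not treat them as list items.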