My notes on "Visual Studio Code extensions are much less secure than browser extensions or even npm packages"

My notes on Visual Studio Code extensions are much less secure than browser extensions or even npm packages

This is another serious attack vector that opens the door for developer compromise.

Extensions don’t have much in terms of permission management. An extension can do pretty much anything it wants, load what it wants, read and write what it wants, and run whatever it likes.

They automatically update, which makes a bait-and-switch tactic easy, where an attacker first publishes a legitimate extension but later updates it to include malware.

After the xz backdoor attempt I became concerned about my setup. Yes, xz is a system component that, upon a successful exploit, can run arbitrary code, but the same impact can be achieved by:

  • any npm package that any of my project installs
  • any extension I run in my IDE

Potentially, any package or extension could completely compromise my system: they can steal browser cookies (read + network access) or install a backdoor (write + network access). While standard Linux permissions protect the system itself, my user account holds the keys to pretty much everything I do.

My temporary solution was firejailing. While it's convenient sometimes, my IDE does not need network access. And npm does not need to have access to my dotfiles or the config files for other programs.

What I found is that just limiting filesystem access allows a lot more secure environment. But I'm not completely happy with firejail and will look into apparmor in the future.

And back to the article:

The information is just taken from a GitHub project and there apparently isn’t any verification that the project matches what’s in the extension, so an attacker could have an open source GitHub project while actually shipping different code with the extension.

That sounds familiar: npm does allow uploading any package (unless provenance is used), and also the xz backdoor used this to hide its payload activation. Can't we just fix this already?

The upside of managing to deliver a seemingly innocuous but compromising extension is enormous.

So big, in fact, that it’d be foolish to think it isn’t already happening.

Master AWS serverless app development

Well-researched books and courses to help you with your serverless journey in one single package.

A package of 4 books and 1 course.

Build deep understanding and accelerate your learning of AWS, serverless, and web technologies.

More info and sign up >
July 3, 2024
Author's image
Tamás Sallai

I came to believe that great software craftsmanship starts with understanding the underlying technologies better. You can't rely on "easy solutions" and "quick fixes" when you want dependable systems. I write about technology to deepen my knowledge and also to help others solve problems.

I'm the author of several books and courses.

Author's image

Hi, I'm Tamás,

I write articles about AWS, Javascript, security, and web technologies.

I'm the author of several books and courses.

Free PDF guide

Sign up to our newsletter and download the "Foreign key constraints in DynamoDB" guide.