My notes on "Visual Studio Code extensions are much less secure than browser extensions or even npm packages"

My notes on Visual Studio Code extensions are much less secure than browser extensions or even npm packages

This is another serious attack vector that opens the door for developer compromise.

Extensions don’t have much in terms of permission management. An extension can do pretty much anything it wants, load what it wants, read and write what it wants, and run whatever it likes.

They automatically update, which makes a bait-and-switch tactic easy, where an attacker first publishes a legitimate extension but later updates it to include malware.

After the xz backdoor attempt I became concerned about my setup. Yes, xz is a system component that, upon a successful exploit, can run arbitrary code, but the same impact can be achieved by:

  • any npm package that any of my project installs
  • any extension I run in my IDE

Potentially, any package or extension could completely compromise my system: they can steal browser cookies (read + network access) or install a backdoor (write + network access). While standard Linux permissions protect the system itself, my user account holds the keys to pretty much everything I do.

My temporary solution was firejailing. While it's convenient sometimes, my IDE does not need network access. And npm does not need to have access to my dotfiles or the config files for other programs.

What I found is that just limiting filesystem access allows a lot more secure environment. But I'm not completely happy with firejail and will look into apparmor in the future.

And back to the article:

The information is just taken from a GitHub project and there apparently isn’t any verification that the project matches what’s in the extension, so an attacker could have an open source GitHub project while actually shipping different code with the extension.

That sounds familiar: npm does allow uploading any package (unless provenance is used), and also the xz backdoor used this to hide its payload activation. Can't we just fix this already?

The upside of managing to deliver a seemingly innocuous but compromising extension is enormous.

So big, in fact, that it’d be foolish to think it isn’t already happening.

July 3, 2024

Free PDF guide

Sign up to our newsletter and download the "Foreign key constraints in DynamoDB" guide.