Software libraries and language package managers need a permission model like mobile.

I really hate mobile but permissions are the best thing they’ve done. I installed zoom on my phone and not on my laptop, for example, because zoom is an infestation and mobile OSes are built for isolation.

We should have the same ability to isolate and limit 3rd-party code that gets built into the applications that we write.

It would be great to assert, in my requirements.txt or package.json or go.mod, that a library doesn’t connect to the internet, or write to disk, or start threads (i.e. do out of band work), or access heap (i.e. read anything not passed into it).

And it should FAIL THE EFFING BUILD if that changes in the future.


‘How’ is complicated – you might block access to parts of the standard library. But OSes provide a lot of attack surfaces for network access (filesystem, system calls), so I don’t think this is totally simple.

I suspect compiled languages are harder to control than interpreted languages, and might require more sophisticated protection.

Compiled code already has an ‘executable’ bit to distinguish it from random memory and protect against buffer overflows. I think this is hardware-mediated, not OS-level, so it’s not as simple as patching the kernel. But it would be neat to have your hardware enforce ‘no system calls’ for parts of your program. I wonder if pervasive VMs in cloud hosting make this easier; can Xen enforce this?

Why aren’t software supply chain attacks pervasive

I wonder about this all the time.

Maybe it takes a fair amount of earned trust to produce a useful library, and it’s hard-ish to fake that, and expensive to squander it?

My sense (and I don’t study this, so don’t quote me) is that supply chain attacks now happen through abandonware, or typos for common packages.

There are some war stories for binary downloads and system updates. Avast’s CCleaner got hit, ASUS’s system update tool got compromised, someone replaced the download URL for Linux MINT. Interestingly none of these are for source downloads.

I think the NSA pressured RSA or RSA employees to weaken some prime numbers that they used in key generation. I could be convinced that a lot of state-level supply chain attacks take this form, of introducing or preserving subtle flaws.

I don’t doubt that software trust will become more important, and that attacks will pick up. We need more tools to keep our stuff safe. Package permissions can be one of them.