qteatime/crochet

Packages can add commands to types they don't own


This is intended behaviour, so the aim of this ticket is not to remove it, but to add a few more controls to it so users can consent to it being done. Because packages can add commands to any type, they may be able to trick users into executing code that they would otherwise not execute.

The issue is already mitigated with the use of capabilities. Even though, in theory, attackers can add commands to any type and try to trick users into invoking their version of the command (likely a typo), they are still restricted in what they can do: they can do exactly what the capabilities granted to their package allow them to do. This reduces the number of interesting attacks that can be done.
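
The kind of consent check this ticket asks for can be sketched as an audit over package declarations. This is an added example, not Crochet's code or package format: the `PACKAGES` structure, its field names and the similarity threshold are assumptions, and the sample data is constructed. It lists every command a package adds to a type it does not own, notes whether the name closely resembles one of the type owner's commands, and shows the capabilities that bound what the command could do.

```python
from difflib import SequenceMatcher

# Constructed sample data: a toy model, not Crochet's package format.
PACKAGES = {
    "core.text": {"types": {"text"}, "capabilities": set(),
                  "commands": [("text", "trim"), ("text", "lines")]},
    "vendor.helpers": {"types": {"helper"}, "capabilities": {"network"},
                       "commands": [("helper", "run"), ("text", "trimm"),
                                    ("text", "shout")]},
}

def owner_of(type_name, packages):
    """Return the name of the package that declares the type, or None."""
    for name, pkg in packages.items():
        if type_name in pkg["types"]:
            return name
    return None

def lookalike(name, candidates, threshold=0.85):
    """Return a candidate that is a different but very similar name, if any."""
    for other in sorted(candidates):
        if other != name and SequenceMatcher(None, name, other).ratio() >= threshold:
            return other
    return None

def foreign_commands(packages):
    """List commands added to types the defining package does not own."""
    findings = []
    for pkg_name, pkg in packages.items():
        for type_name, command in pkg["commands"]:
            owner = owner_of(type_name, packages)
            if owner == pkg_name:
                continue  # a package extending its own type needs no consent
            owned = set()
            if owner is not None:
                owned = {c for t, c in packages[owner]["commands"] if t == type_name}
            findings.append({
                "package": pkg_name, "type": type_name, "command": command,
                "type_owner": owner,
                "resembles": lookalike(command, owned),  # possible typo target
                "capabilities": sorted(pkg["capabilities"]),
            })
    return findings

if __name__ == "__main__":
    for finding in foreign_commands(PACKAGES):
        print(finding)
```
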