18 lines
671 B
YAML
18 lines
671 B
YAML
# Base configuration for security sensitive environments.
|
|
|
|
# Avoid summary of object/key for rejected property operations. May be
|
|
# relevant if keys contain potentially sensitive information.
|
|
DUK_USE_PARANOID_ERRORS: true
|
|
|
|
# Disable tracebacks, minimizes attacker knowledge of call chains. Access
|
|
# to the internal error _Tracedata property provides access to all functions
|
|
# in the call chain (even when they're otherwise not visible to sandboxed
|
|
# code).
|
|
DUK_USE_TRACEBACKS: false
|
|
|
|
# Dense string hashing may be useful against accidental string hash collisions.
|
|
# This won't prevent an attacker from finding intentional collisions.
|
|
DUK_USE_STRHASH_DENSE: true
|
|
|
|
# TBD
|