| ▲ | Groxx 8 hours ago |
| Ehm. No? https://obsidian.md/help/plugin-security#Plugin+capabilities >Due to technical limitations, Obsidian cannot reliably restrict plugins to specific permissions or access levels. This means that plugins will inherit Obsidian's access levels. As a result, consider the following examples of what community plugins can do: Community plugins can access files on your computer.
Community plugins can connect to internet.
Community plugins can install additional programs.
Obsidian has no protection at all. Installing a plugin gives it full access to your computer.This was only a matter of time, and honestly I think it's inexcusably negligent that they shipped a plugin system like this at all since about 2010 (or arguably much earlier). |
|
| ▲ | e28eta 2 hours ago | parent | next [-] |
| I remember reading that page sometime pre-COVID, and being surprised at just how ridiculous it was. It started strong with “The Obsidian team takes security seriously”, but then almost everything else on the page led me to believe they didn’t actually take security very seriously. I agree with the claim of negligence. I think they were more than happy to reap the benefits of a thriving community plugin ecosystem, and were hoping this page would provide enough CYA when security breaches inevitably occurred. > TIP: If you're working with sensitive data and wish to install a community plugin, we recommend that you perform an independent security audit on the plugin before using it. I wonder just how many plugins received a security audit. |
| |
| ▲ | nkrisc 18 minutes ago | parent [-] | | I use only one plugin because I am aware of the security model (or lack thereof). I only use one because I read the source and am convinced it’s safe. It would be foolish to blindly install many plugins. |
|
|
| ▲ | pointlessone 8 hours ago | parent | prev | next [-] |
| It does give full access but Obsidian does tell you that. Community plugins are not enabled by default, you have to enable them manually. Same happens with a shared vault: once you get it you still have to manually enable plugins. So far no one managed to sneak in a plugin completely unnoticed. |
| |
| ▲ | kid64 8 hours ago | parent | next [-] | | That's horse hockey. Obsidian is not a usable system without community plugins. Folks will reply "but I use it every day without plugins". That position disregards software usability as a formal discipline, along with decades of UX research and standards. | | |
| ▲ | wasabi991011 4 hours ago | parent | next [-] | | If you want to use a niche, academic definition of "usable", that's fine but you better be ready to explain yourself. Because in general, "usable" means "people use it". Which they do for Obsidian without community plugins without issues. | | |
| ▲ | eviks 4 hours ago | parent [-] | | To make an actual counter, you need numbers. If only a tiny niche of users use it without community plugins, then yes, it's unusable (in a practical definition of the term) |
| |
| ▲ | Loocid 8 hours ago | parent | prev | next [-] | | As one of those people that uses Obsidian without plugins, what plugins do you consider essential? | | |
| ▲ | fnordlord 6 hours ago | parent | next [-] | | I rely on Advanced URI, which opens certain functionality up to external apps. I use Raycast and with Cmd+Space, it lets me open vaults or daily notes.
And Obsidian_to_Anki, but that's probably just me because I have no clue how to use Anki otherwise. | |
| ▲ | troad 6 hours ago | parent | prev | next [-] | | Me too. All I want is a top-notch Markdown editor with a mobile app and trustworthy sync, and that's what Obsidian gives me. And if ever Obsidian goes away or is enshittified, I'll still have a perfectly good folder of Markdown documents that I can take elsewhere. | |
| ▲ | cpach 6 hours ago | parent | prev [-] | | Same here, zero plugins for me. |
| |
| ▲ | jjice 6 hours ago | parent | prev | next [-] | | But I use it every day without plugins. Seriously though, I agree with your sentiment that community plugin security can and needs to be improved, but how does someone saying they use it every day "disregard software usability as a formal discipline, along with decades of UX research and standards" | |
| ▲ | ImPostingOnHN 8 hours ago | parent | prev | next [-] | | The attack here requires not just enabling community plugins, but also syncing the attacker's vault to your computer, and also separately enabling the synchronization of the attacker's plugins with yours. | | |
| ▲ | guiambros 7 hours ago | parent [-] | | Yes, in this specific case. Obsidian Plugins are still incredibly vulnerable. A compromised plugin will essentially take over your machine. There's no sandboxing of any kind. It's even more insecure than browser extensions (that could steal your auth tokens, but at least don't have unfettered access to your filesystem). This is really unfortunate. I love Obsidian and am a paid subscriber for many years, but the community plugins needs a security overhaul asap, before someone gets hurt. | | |
| ▲ | Ferret7446 6 hours ago | parent [-] | | The same is true for all software on your machine. | | |
| ▲ | Groxx 5 hours ago | parent [-] | | Not even slightly. Browser extensions are a trivial counter-example, as are all flatpacks, and anything restricted by user/group. That covers probably literally a majority of all software on your computer, because people have been voluntarily restricting their software to protect you from their potential accidents for decades. | | |
| ▲ | ImPostingOnHN 4 hours ago | parent [-] | | > That covers probably literally a majority of all software on your computer If you're running GNU/Linux, chances are you'll have hundreds, if not thousands, of pieces of software that run totally unsandboxed. Yes, a very small minority of applications are unfortunately primarily distributed via flatpak or snap, and the distributors don't care about the user experience, so it's error-ridden and problem-ridden, but chances are you can get a "normal computer program" version of it unencumbered by such grossness. | | |
| ▲ | Groxx 4 hours ago | parent [-] | | And tons won't be part of e.g. root, or dialout (to pick one I've had to deal with a lot lately), or many other more-privileged-than-default groups, yes. That's a permissions system working as intended. Besides. They said "all software on your machine". That is trivially false, to a significant degree. |
|
|
|
|
| |
| ▲ | kid64 8 hours ago | parent | prev | next [-] | | Yeah, but these attacks are possible without any of that complexity. | |
| ▲ | 7 hours ago | parent | prev | next [-] | | [deleted] | |
| ▲ | Barrin92 8 hours ago | parent | prev | next [-] | | I think that's especially important to point out because it reminded me of a blog post by Obsidian that also was discussed here[1], where they talked about reducing supply chain risk by not relying on dependencies, but people quickly pointed out that this is only possible because users depend so heavily on extensions. Just look at that top comment and here we are now. This combination of software relying on third parties without security seems to be untenable. Personally I've gotten rid of just about as many extensions as I can anywhere and switched to batteries included software. [1]https://news.ycombinator.com/item?id=45307242 | |
| ▲ | AlienRobot 7 hours ago | parent | prev [-] | | The real problem is people believing "plugins" are not full software. If you install a dozen mini-apps from random developers you never heard about, you can't complain if one is malware. Krita also has a plugin system based on Python. Any "plugin" has the same level of access as running a python script. Personally I blame operating systems for not providing a way to isolate how programs interact with user files. | | |
| ▲ | Groxx 4 hours ago | parent | next [-] | | Krita: that is a decision by Krita(/GIMP) and not anything inherent in "plugins" or "python" - it could be a bubblewrap/firejail contained process, for example (other OSes have similar-ish options but there's always something, e.g. don't use cpython). They have chosen to continue to put their users at risk by not doing anything at all like that. There are of course complications, costs, and downsides associated with doing that. It might not be worth it currently, or performance costs might be too high, or the community might be overwhelmingly using abandoned plugins that won't be updated, etc. It's still a decision to remain complacent until forced by attacks though, it's well beyond common knowledge that these things happen so you can't really call it ignorance. | |
| ▲ | pdpi 6 hours ago | parent | prev [-] | | Software engineers at large would benefit from playing World of Warcraft, and seeing the ongoing fight between Blizzard and add-on authors. WoW's whole UI is built in the same Lua environment as add-ons, and Blizzard has implemented some interesting restrictions (like the taint system[0]) to prevent add-ons from completely automating gameplay. 0. https://wowpedia.fandom.com/wiki/Secure_Execution_and_Tainti... | | |
| ▲ | Groxx 5 hours ago | parent | next [-] | | Thanks! I've been meaning to read up on taint systems, looks interesting :) I'm somewhat convinced that taint-influenced capabilities is a good future model to pursue. Computers are fast, I'm fairly confident that it chould be done at whole-computer scale and still be reasonable... though probably not with a million electron apps. Which is likely a good thing in aggregate (I say as a fan of web tech and the very compelling features such things offer. Great for minor or PoC, not for major pieces of software). | |
| ▲ | AlienRobot 6 hours ago | parent | prev [-] | | World of Warcraft is one of the most popular MMO's ever made. You simply can't expect every software that wants a plugin system to have the same security practices as the most used software in the world. In fact, there are many reasons why you might want a plugin to have full filesystem and internet access, such as batch processing or simply adding things directly from webpages. Sandboxing this will just make plugins less useful. In the end it's a problem of trust. You're installing software from untrustworthy developers because you trust the name of the application those plugins are associated with. You could fix the problem in Obsidian, but the same problem will happen in other software. Some of which simply can't justify bothering with sandboxing plugins. This is just the way plugins are. | | |
| ▲ | pdpi 5 hours ago | parent [-] | | > You simply can't expect every software that wants a plugin system to have the same security practices as the most used software in the world. I'm not saying that I think they should, or that I expect them to. I'm saying that it's one particular implementation of sandboxing that has a bunch of interesting properties, and that makes it worth studying. |
|
|
|
| |
| ▲ | Groxx 8 hours ago | parent | prev [-] | | "Hey users: don't do insecure things. Here's a button to do cool insecure things!" is not a plugin security model. | | |
| ▲ | Ferret7446 6 hours ago | parent [-] | | Meanwhile that is exactly what a lot of people here want for Android with side loaded apps | | |
| ▲ | eightys3v3n 5 hours ago | parent | next [-] | | I'm not sure I agree or understand where you're coming from.
Side-loaded Android apps are still bound by all the same permission restrictions as any app installed by the Play Store. The only difference is Google didn't review it (for what little good that does) and that I didn't get the app from Google. If I side-load a camera app, it still has to ask for camera privileges the same way any Play store app does. Is there something in your message I missed about how it relates to this article or is this just being uninformed about side-loading? | |
| ▲ | Groxx 5 hours ago | parent | prev [-] | | Sideloading bypasses nothing at all except Google's thumbs-up, Android's permission system doesn't work that way. |
|
|
|
|
| ▲ | Paul-E 8 hours ago | parent | prev | next [-] |
| Obsidian seems like a perfect candidate for a WASM/WASI based plugin system that would properly sandbox plugin code. |
| |
| ▲ | Groxx 7 hours ago | parent [-] | | For at least the vast majority, yes definitely. I'm fine with full bypasses existing (say a webgl thing, or web previews, custom VCS integration, there are tons of legitimate reasons to escape a sandbox), but they should be an abnormality with heavy warnings and proportionate community attention to watch for issues, not the only option. I don't think they meant it this way, but I honestly consider unsafe official plugin systems to be negligent to the point of being actively malicious. By releasing one, if you ever become successful you have explicitly chosen to screw over an unknown number of your users to save yourself a relatively small amount of work in the short term. It might be single digit users, or it might be septuple digit users - is it really worth it? (Unsafe unofficial plugins, like most games? Mildly unfortunate but I think that's fine. Though a healthy modding community around your stuff should be a VERY STRONG sign that you should introduce a safe version to protect your users, if it won't cause you to implode (it definitely can)). |
|
|
| ▲ | hirvi74 3 hours ago | parent | prev | next [-] |
| Seems like the same risks of downloading plugins/packages for various text editors. |
|
| ▲ | moron4hire 8 hours ago | parent | prev [-] |
| A program one runs on one's computer can and should be able to do computer things. The alternative road you're advocating for ends in hardware attestation https://news.ycombinator.com/item?id=48086190 |
| |
| ▲ | no-name-here an hour ago | parent [-] | | There are in-between models, such as: * Android's permissions model where the user must approve specific potentially undesirable classes of actions (separate from the 24H delay, etc controversy) * Optional sandboxing |
|
