As a developer, is there a way on Mac to limit npm file access to the specific project?
So that if you install a compromised package it cannot access any data outside of your project directory?
Wrote a small utility shell script that uses Docker behind the scenes to prevent access to your host machine while still allowing full npm install and run workflow.
freakynit|5 months ago
https://github.com/freakynit/simple-npm-sandbox
Disclaimer: I am not a Docker expert. Please review the script (sandbox.js) and raise any potential issues or suggestions.
Thanks..
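The Docker approach discussed in this thread, sketched as an added example (not the code from simple-npm-sandbox or node-safe): a shell function that runs npm in a throwaway container with only the project directory bind-mounted. The function name, the `NPM_SANDBOX_*` variables and the `node:20-slim` image tag are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (hypothetical names): run npm in a throwaway container whose
# only view of the host filesystem is one project directory.
# NPM_SANDBOX_DIR      project directory to expose (default: current directory)
# NPM_SANDBOX_IMAGE    container image (assumed default: node:20-slim)
# NPM_SANDBOX_DRY_RUN  if set, print the docker argv instead of running it

npm_sandbox() (
  # Resolve symlinks so the checks below see the real path being mounted.
  dir="$(cd "${NPM_SANDBOX_DIR:-.}" 2>/dev/null && pwd -P)" || {
    echo "npm_sandbox: cannot enter project directory" >&2; exit 2; }
  home="$(cd "${HOME:-/}" 2>/dev/null && pwd -P)" || home=/

  # Mounting /, $HOME or a parent of $HOME would hand the container the
  # SSH keys, cloud credentials and other projects the sandbox should hide.
  case "$home/" in
    "$dir"/*) echo "npm_sandbox: refusing to mount $dir" >&2; exit 1 ;;
  esac
  if [ "$dir" = / ]; then
    echo "npm_sandbox: refusing to mount /" >&2; exit 1
  fi

  # Unprivileged user, no capabilities, no setuid escalation, one bind mount.
  set -- docker run --rm -i \
    --user "$(id -u):$(id -g)" \
    --cap-drop=ALL \
    --security-opt no-new-privileges \
    -e HOME=/tmp \
    -v "$dir:/app" \
    -w /app \
    "${NPM_SANDBOX_IMAGE:-node:20-slim}" npm "$@"

  if [ -n "${NPM_SANDBOX_DRY_RUN:-}" ]; then
    printf '%s\n' "$@"      # one argument per line, for review
  else
    "$@"
  fi
)

# Usage: cd into the project, then e.g.  npm_sandbox install
```

The container keeps network access because `npm install` needs the registry; what this limits is the filesystem view, and anything inside the mounted project directory (including a `.env` file) is still readable by install scripts.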
tredre3|5 months ago
I've never tried any of them but there are also a few wrappers specifically to do that, such as: https://github.com/berstend/node-safe
Otherwise you're down to Docker or virtualisation or creating one system user per project...
mfro|5 months ago