←back to thread

Less is safer: How Obsidian reduces the risk of supply chain attacks

(obsidian.md)
474 points saeedesmaili | 1 comments | 19 Sep 25 22:02 UTC | HN request time: 0.207s | source
Show context
gejose ◴[19 Sep 25 23:42 UTC] No.45308131[source]
This is one way to look at it, but ignores the fact that most users use third party community plugins.

Obsidian has a truly terrible security model for plugins. As I realized while building my own, Obsidian plugins have full, unrestricted access to all files in the vault.

Obsidian could've instead opted to be more 'batteries-included', at the cost of more development effort, but instead leaves this to the community, which in turn increases the attack surface significantly.

Or it could have a browser extension like manifest that declares all permissions used by the plugin, where attempting to access a permission that's not granted gets blocked.

Both of these approaches would've led to more real security to end users than "we have few third party dependencies".

replies(20): >>45308149 #>>45308208 #>>45308212 #>>45308222 #>>45308224 #>>45308241 #>>45308572 #>>45308600 #>>45308749 #>>45310219 #>>45310642 #>>45310881 #>>45310991 #>>45311185 #>>45311760 #>>45311782 #>>45312975 #>>45313054 #>>45314194 #>>45315453 #
1. freehorse ◴[20 Sep 25 09:25 UTC] No.45311760[source]
> most users use third party community plugins

Is this true? Is there any source about how many obsidian users use third party plugins? For once I don't. Moreover, obsidian by default runs in "restricted mode" which does not allow for community plugins. You have to specifically enable it to be able to install community plugins, hence I assume somebody who does that understands the risks involved. How many people even get into enabling that?

For me it is not even about security firstmost, the whole appeal of markdown is simplicity and interoperability. The more I depend on "plugins" the more I am locked in into this specific platform.