How does Atom break the Browser sandbox to read and write files?


Normally a web page is not allowed to read and write files on the local system, because the sand box rejects this. How is the browser restriction bypassed by Atom?


Atom is based on a combination of Node.js and Chromium. It is the Node portion that gives Atom access to the file system.


This does not answer the question. If Atom uses Node.js the browser restriction applies also to Node.js. This changes the question just: how is the browser restriction bypassed by Node.js?


Check out the node_bindings* files in I’m not sure there is a plain english explanation yet.


I’ve taken the liberty to clean up the title and category of this thread, hope you don’t mind.


Your answer makes the situation even stranger. The bindings are written in C++ and Node.js is intended to run on the server side. But Atom claims to be a editor running on the client side without the need to have a server. How does this fit together?

Maybe I misunderstood something. Does it even run in a browser in client offline mode? Or does it run in Node.js in that case. And does it only run in a browser, if it talks to a server?


There is no browser connected to atom, although there is a package, browser-plus that adds browser capabilities inside atom. Atom uses the node engine and the chromium engine which is not a browser, just a DOM and display engine.


This being the operative explanation.

@ceving Don’t think of it as a browser needing a server. Think of it as an engine on your desktop, that translates web tech (html, javascript etc) into C++ for the OS to handle. Naively speaking.


I understand. Then the question can be deleted, because it is complete nonsense. :dizzy_face:


Not at all, it can be a little confusing at first, takes a moment to step into the right mindset. :wink:


I just spent a half-hour talking to someone at lunch about this same exact topic. It is a very common misunderstanding.