Tauri's security mechanism is one of its core advantages, ensuring application security through multi-layered protection:
Permission System
Tauri adopts the principle of least privilege, and by default the frontend cannot access system resources. Permissions need to be explicitly declared in tauri.conf.json:
{ "tauri": { "allowlist": { "fs": { "all": false, "readFile": true, "writeFile": true, "scope": ["$HOME/*"] }, "shell": { "all": false, "open": true } } } }
Content Security Policy (CSP)
Restrict resource loading and script execution through CSP:
tauri::Builder::default() .plugin(tauri_plugin_csp::Builder::new() .default_policy(ContentSecurityPolicy { default_src: vec!["'self'"], script_src: vec!["'self'"], style_src: vec!["'self'"], ..Default::default() }) .build())
Scope Restrictions
Set scopes for file system, Shell, and other operations to prevent access to sensitive paths:
{ "fs": { "scope": ["$HOME/documents/*", "$APPDATA/*"] } }
Protocol Whitelist
Restrict the protocols and domains that WebView can access:
{ "tauri": { "security": { "csp": "default-src 'self'", "dangerousDisableAssetCspModification": false } } }
Rust Backend Isolation
- Rust code runs in a separate process
- Frontend cannot directly execute Rust code
- All system calls go through Tauri's API
Best Practices
- Only grant necessary minimum permissions
- Use CSP to restrict resource loading
- Validate and sanitize all user inputs
- Regularly update dependencies
- Audit the security of third-party plugins