1
0
Fork 0
mirror of https://github.com/denoland/deno.git synced 2024-12-01 16:51:13 -05:00
Commit graph

15 commits

Author SHA1 Message Date
David Sherret
66929de3ba
fix(unstable/worker): ensure import permissions are passed (#26101)
We only had integration tests for this and not an integration test.

Closes #26074
2024-10-10 14:01:42 +01:00
David Sherret
b8a9a4a862
Revert "feat: warn when using --allow-run with no allow list" (#26021)
Although using `--allow-run` without an allow list gives basically no
security, I think we should remove this warning because it gets in the
way and the only way to disable it is via --quiet.
2024-10-04 08:16:35 +01:00
David Sherret
a8d1ab5276
fix(flags): --allow-all should conflict with lower permissions (#25909)
Using `--allow-all` with other `--allow-x` permission flags should cause
an error since `--allow-all` is a superset of `--allow-x`.

Closes #25901
2024-09-27 16:49:43 +00:00
David Sherret
7437f9d944
fix(doc): surface graph errors as warnings (#25888) 2024-09-26 12:31:03 -04:00
Bartek Iwańczuk
5504acea67
feat: add --allow-import flag (#25469)
This replaces `--allow-net` for import permissions and makes the
security sandbox stricter by also checking permissions for statically
analyzable imports.

By default, this has a value of
`--allow-import=deno.land:443,jsr.io:443,esm.sh:443,raw.githubusercontent.com:443,gist.githubusercontent.com:443`,
but that can be overridden by providing a different set of hosts.

Additionally, when no value is provided, import permissions are inferred
from the CLI arguments so the following works because
`fresh.deno.dev:443` will be added to the list of allowed imports:

```ts
deno run -A -r https://fresh.deno.dev
```

---------

Co-authored-by: David Sherret <dsherret@gmail.com>
2024-09-26 01:50:54 +00:00
Bartek Iwańczuk
a7d67e3a7a
feat: update warning message for --allow-run with no list (#25693)
Ref https://github.com/denoland/deno/pull/25215#discussion_r1762064605
2024-09-18 00:32:52 +02:00
David Sherret
b0525edd6f
feat: warn when using --allow-run with no allow list (#25215) 2024-09-16 23:08:02 +00:00
David Sherret
62e952559f
refactor(permissions): split up Descriptor into Allow, Deny, and Query (#25508)
This makes the permission system more versatile.
2024-09-16 21:39:37 +01:00
Luca Casonato
7bfcb4dd10
feat(cli): use NotCapable error for permission errors (#25431)
Closes #7394

---------

Co-authored-by: snek <snek@deno.com>
2024-09-10 11:12:24 -07:00
David Sherret
dd208a6df0
fix(regression): do not expose resolved path in Deno.Command permission denied error (#25434)
Regression from https://github.com/denoland/deno/pull/25370
2024-09-04 22:57:49 +00:00
David Sherret
74fc66da11
fix: lock down allow-run permissions more (#25370)
`--allow-run` even with an allow list has essentially been
`--allow-all`... this locks it down more.

1. Resolves allow list for `--allow-run=` on startup to an absolute
path, then uses these paths when evaluating if a command can execute.
Also, adds these paths to `--deny-write`
1. Resolves the environment (cwd and env vars) before evaluating
permissions and before executing a command. Then uses this environment
to evaluate the permissions and then evaluate the command.
2024-09-04 14:51:24 +02:00
Matt Mastracci
adc7b3de26
fix(runtime): Allow opening /dev/fd/XXX for unix (#23743)
`deno run script.ts <(some command)` is a valid use case -- let's allow
this to work without `--allow-all`.

Fixes #23703
2024-05-10 11:21:36 -06:00
Matt Mastracci
9f7f681e26
fix(runtime): allow nul device on windows (#23741)
Fixes [23721](https://github.com/denoland/deno/issues/23721)
2024-05-08 14:39:06 -06:00
Luca Casonato
f3cc760f2f
fix(runtime): allow r/w access to /etc without --allow-all (#23718)
This is not a special path that can be used to escalate or bypass Deno
permissions, such as `--allow-env`.
2024-05-07 14:51:42 +02:00
Matt Mastracci
505130d813
chore(cli): add permission test (#23633) 2024-05-01 13:17:05 -06:00