1
0
Fork 0
mirror of https://github.com/denoland/deno.git synced 2024-11-27 16:10:57 -05:00
denoland-deno/docs/getting_started/permissions.md
2021-06-14 15:48:10 +02:00

96 lines
3.4 KiB
Markdown

## Permissions
Deno is secure by default. Therefore, unless you specifically enable it, a deno
module has no file, network, or environment access for example. Access to
security-sensitive areas or functions requires the use of permissions to be
granted to a deno process on the command line.
For the following example, `mod.ts` has been granted read-only access to the
file system. It cannot write to it, or perform any other security-sensitive
functions.
```shell
deno run --allow-read mod.ts
```
### Permissions list
The following permissions are available:
- **-A, --allow-all** Allow all permissions. This disables all security.
- **--allow-env=\<allow-env\>** Allow environment access for things like getting
and setting of environment variables. Since Deno 1.9, you can specify a
optional, comma-separated list of environment variables to provide an
allow-list of allowed environment variables.
- **--allow-hrtime** Allow high-resolution time measurement. High-resolution
time can be used in timing attacks and fingerprinting.
- **--allow-net=\<allow-net\>** Allow network access. You can specify an
optional, comma-separated list of domains to provide an allow-list of allowed
domains.
- **--allow-plugin** Allow loading plugins. Please note that --allow-plugin is
an unstable feature.
- **--allow-read=\<allow-read\>** Allow file system read access. You can specify
an optional, comma-separated list of directories or files to provide an
allow-list of allowed file system access.
- **--allow-run=\<allow-run\>** Allow running subprocesses. Since Deno 1.9, You
can specify an options, comma-separated list of subprocesses to provide an
allow-list of allowed subprocesses. Be aware that subprocesses are not run in
a sandbox and therefore do not have the same security restrictions as the deno
process. Therefore, use with caution.
- **--allow-write=\<allow-write\>** Allow file system write access. You can
specify an optional, comma-separated list of directories or files to provide
an allow-list of allowed file system access.
### Permissions allow-list
Deno also allows you to control the granularity of some permissions with
allow-lists.
This example restricts file system access by allow-listing only the `/usr`
directory, however the execution fails as the process was attempting to access a
file in the `/etc` directory:
```shell
$ deno run --allow-read=/usr https://deno.land/std@$STD_VERSION/examples/cat.ts /etc/passwd
error: Uncaught PermissionDenied: read access to "/etc/passwd", run again with the --allow-read flag
$deno$/dispatch_json.ts:40:11
at DenoError ($deno$/errors.ts:20:5)
...
```
Try it out again with the correct permissions by allow-listing `/etc` instead:
```shell
deno run --allow-read=/etc https://deno.land/std@$STD_VERSION/examples/cat.ts /etc/passwd
```
`--allow-write` works the same as `--allow-read`.
### Network access:
_fetch.ts_:
```ts
const result = await fetch("https://deno.land/");
```
This is an example of how to allow-list hosts/urls:
```shell
deno run --allow-net=github.com,deno.land fetch.ts
```
If `fetch.ts` tries to establish network connections to any other domain, the
process will fail.
Allow net calls to any host/url:
```shell
deno run --allow-net fetch.ts
```
### Conference
Ryan Dahl. (September 25, 2020).
[The Deno security model](https://www.youtube.com/watch?v=r5F6dekUmdE#t=34m57).
Speakeasy JS.