diff options
Diffstat (limited to 'docs/getting_started/permissions.md')
| -rw-r--r-- | docs/getting_started/permissions.md | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/docs/getting_started/permissions.md b/docs/getting_started/permissions.md index 7b1eac693..72cd9d6d6 100644 --- a/docs/getting_started/permissions.md +++ b/docs/getting_started/permissions.md @@ -23,26 +23,26 @@ The following permissions are available: - **--allow-hrtime** Allow high resolution time measurement. High resolution time can be used in timing attacks and fingerprinting. - **--allow-net=\<allow-net\>** Allow network access. You can specify an - optional, comma separated list of domains to provide a whitelist of allowed + optional, comma separated list of domains to provide a allow-list of allowed domains. - **--allow-plugin** Allow loading plugins. Please note that --allow-plugin is an unstable feature. - **--allow-read=\<allow-read\>** Allow file system read access. You can specify an optional, comma separated list of directories or files to provide a - whitelist of allowed file system access. + allow-list of allowed file system access. - **--allow-run** Allow running subprocesses. Be aware that subprocesses are not run in a sandbox and therefore do not have the same security restrictions as the deno process. Therefore, use with caution. - **--allow-write=\<allow-write\>** Allow file system write access. You can specify an optional, comma separated list of directories or files to provide a - whitelist of allowed file system access. + allow-list of allowed file system access. -### Permissions whitelist +### Permissions allow-list Deno also allows you to control the granularity of some permissions with -whitelists. +allow-lists. -This example restricts file system access by whitelisting only the `/usr` +This example restricts file system access by allow-listing only the `/usr` directory, however the execution fails as the process was attempting to access a file in the `/etc` directory: @@ -54,7 +54,7 @@ error: Uncaught PermissionDenied: read access to "/etc/passwd", run again with t ... ``` -Try it out again with the correct permissions by whitelisting `/etc` instead: +Try it out again with the correct permissions by allow-listing `/etc` instead: ```shell deno run --allow-read=/etc https://deno.land/std/examples/cat.ts /etc/passwd @@ -70,7 +70,7 @@ _fetch.ts_: const result = await fetch("https://deno.land/"); ``` -This is an example on how to whitelist hosts/urls: +This is an example on how to allow-list hosts/urls: ```shell deno run --allow-net=github.com,deno.land fetch.ts |