summaryrefslogtreecommitdiff
path: root/docs/getting_started/permissions.md
diff options
context:
space:
mode:
Diffstat (limited to 'docs/getting_started/permissions.md')
-rw-r--r--docs/getting_started/permissions.md37
1 files changed, 37 insertions, 0 deletions
diff --git a/docs/getting_started/permissions.md b/docs/getting_started/permissions.md
new file mode 100644
index 000000000..a3d0a9ea0
--- /dev/null
+++ b/docs/getting_started/permissions.md
@@ -0,0 +1,37 @@
+## Permissions
+
+<!-- TODO(lucacasonato): what are permissions -->
+
+<!-- TODO(lucacasonato): description of all permissions -->
+
+### Permissions whitelist
+
+Deno also provides permissions whitelist.
+
+This is an example to restrict file system access by whitelist.
+
+```shell
+$ deno run --allow-read=/usr https://deno.land/std/examples/cat.ts /etc/passwd
+error: Uncaught PermissionDenied: read access to "/etc/passwd", run again with the --allow-read flag
+► $deno$/dispatch_json.ts:40:11
+ at DenoError ($deno$/errors.ts:20:5)
+ ...
+```
+
+You can grant read permission under `/etc` dir
+
+```shell
+$ deno run --allow-read=/etc https://deno.land/std/examples/cat.ts /etc/passwd
+```
+
+`--allow-write` works same as `--allow-read`.
+
+This is an example to restrict host.
+
+```ts
+const result = await fetch("https://deno.land/");
+```
+
+```shell
+$ deno run --allow-net=deno.land https://deno.land/std/examples/curl.ts https://deno.land/
+```
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-23 20:25:38 +0000