Open crowlKats opened 2 years ago
SGTM!
Had plenty of cases in the wild where this would be useful. For example: std/wasi's integration tests can make use of this, they spawn a Deno instance per test.
Couldn't this just be added ForkOptions
to the current .fork
implimentation?
To note, r/n Deno's .fork
forces the -A
option so you need to use .spawn
instead to be able to use permissions...
Though frankly, I'd prefer a more concise sandbox, if at all possible, that wouldn't spawn a new process.
Relies on #11618.
This proposal proposes a function that would allow to spawn a "sandboxed" deno subprocess. This function would not require the
allow-run
function. Permissions would work the same way as they do for WebWorkers. This would be equivalent to node'schild_process.fork
, while keeping Deno's security.The first pass of this proposal would only allow for
deno run
to be spawned, to keep things simple. This later on can be expanded to allow spawning various other subcommands.Currently, with this set of options, the permissions can be escalated beyond what the parent process has access to with
Deno.permissions.request
, so i propose to add ano-permission-request
flag, which would disallow the usage ofDeno.permissions.request
.