Open tmcw opened 1 year ago
I understand by reading env you can read API keys, but is there a theoretical risk about writing an env?
I think so - for example, a script could write to `PATH` and change what you run when you run a command like `ls`.

Deno's `Command` interface provides a nice way to clear the environment variables exposed to a child process - `clearEnv`. But a child process can still write to the environment if given `--allow-env`. It'd be nice to have a middle ground in which a process can read environment variables (which would allow for much broader npm module compatibility) but not write them.

Could there be something like `--allow-env-read` to make this permission more fine-tuned?
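
The read-but-not-write split requested above can be approximated inside a process by handing untrusted code a frozen view of the environment. This is an added example, not code from the issue or from Deno; `readOnlyEnv`, `tryWrite` and `SAMPLE_ENV` are hypothetical names, the sample values are constructed, and an in-process facade like this is not a runtime permission boundary the way a flag would be.

```javascript
// Constructed sample environment; none of these values are real.
const SAMPLE_ENV = {
  PATH: "/usr/bin:/bin",
  HOME: "/home/demo",
  API_KEY: "constructed-placeholder-key",
};

// Returns a read-only snapshot of `source`. If `allow` (a Set of names) is
// given, only those variables are readable; everything else reads as undefined.
function readOnlyEnv(source, allow) {
  // Null-prototype snapshot: later changes to `source` are not reflected,
  // and inherited properties cannot masquerade as variables.
  const snapshot = Object.create(null);
  for (const key of Object.keys(source)) {
    const value = source[key];
    if (typeof value === "string" && (!allow || allow.has(key))) {
      snapshot[key] = value;
    }
  }
  const deny = (op, key) => {
    throw new TypeError(`env is read-only: ${op} ${String(key)} denied`);
  };
  // Throw on every mutating operation instead of failing silently, so an
  // attempted PATH rewrite is visible to the caller and to logs.
  return new Proxy(snapshot, {
    set: (_target, key) => deny("set", key),
    deleteProperty: (_target, key) => deny("delete", key),
    defineProperty: (_target, key) => deny("define", key),
    setPrototypeOf: () => deny("setPrototypeOf", "prototype"),
  });
}

// Attempts a write and reports the outcome without propagating the error.
function tryWrite(env, key, value) {
  try {
    env[key] = value;
    return "written";
  } catch (err) {
    return "denied";
  }
}
```
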