Deno•2y ago

Drop permissions

I'd like to harden my deno app a bit, but specifying permissions manually gets repetitive. Is there a way for me to run with -A, parse my configs, and then drop all permissions I don't need before loading the rest of the app? Ex. the configuration will contain a database path, so I should keep the r/w permissions for that, but not any other files.

marvinh.•3/18/24, 7:49 AM

No, reversing already given permissions in the same process is not possible.

marvinh.•3/18/24, 7:50 AM

you can limit the read + write permissions to certain files by passing a file path, see https://docs.deno.com/runtime/manual/basics/permissions

cknight•3/18/24, 10:15 AM

You can also setup a deno task in your deno.json and specify specific permissions there. E.g. in your

deno.json

deno.json

you have:

cknight•3/18/24, 10:16 AM

Then on the command line you can just do: