Drop permissions

I'd like to harden my deno app a bit, but specifying permissions manually gets repetitive. Is there a way for me to run with -A, parse my configs, and then drop all permissions I don't need before loading the rest of the app? Ex. the configuration will contain a database path, so I should keep the r/w permissions for that, but not any other files.
M
marvinh.36d ago
No, reversing already given permissions in the same process is not possible. you can limit the read + write permissions to certain files by passing a file path, see https://docs.deno.com/runtime/manual/basics/permissions
C
cknight35d ago
You can also setup a deno task in your deno.json and specify specific permissions there. E.g. in your deno.json you have:
{
"tasks": {
"start": "deno run --allow-read=./config.json,./my.db --allow-write=./my.db mod.ts",
},
}
{
"tasks": {
"start": "deno run --allow-read=./config.json,./my.db --allow-write=./my.db mod.ts",
},
}
Then on the command line you can just do:
deno task start
deno task start
More Posts
New fresh project comes out of the box with errorsI created a new fresh project on linux, I am using VsCode and im getting many errors although the prIs there a deno function for inputting prompt reply without pressing enter?Normally, one has to press enter for the input to be accepted. I was wondering if there was a versioSetting Deno.Command priority and affinity (on windows)Is it possible to set a tasks / commands priority and affinity directly? Code: ```ts await new DenoIs there a way to write a Deno.AtomicCheck that succeeds for any non-null versionstamp?You can write a Deno.AtomicCheck that fails if the versionstamp for a key-value pair in the KV storeImportTypeScript API + get value of `compilerOptions` with default options from `tsconfig.json`?Hello, I'm trying to figure out the proper way to do a few things: 1. What's the correct way to impHow to override the version from a dependency of a project's dependency from npmI'm currently using react-pdf as a dependency, react-pdf uses fontkit as a dependency, and fontkit uHow to publish global types with JSR?I was trying to republish my npm package with JSR via npm jsr package. It all went well with one excCaching results from APIHi, I'm currently working on a project where I get data from an API (https://www.robotevents.com/apiINTERNAL_SERVER_ERROR_2 / 500 response codeSeveral clients concurrently reported INTERNAL_SERVER_ERROR_2 with a 500 error on requests to a deplMy site seems to be under attackI receive a large amount of request last night. Does this mean my site is under attack...?