--allow-child-process
Stability: 1.1 - Active development
When using the Permission Model, the process will not be able to spawn any child process by default. Attempts to do so will throw an ERR_ACCESS_DENIED unless the user explicitly passes the --allow-child-process flag when starting Node.js.
Example:
const childProcess = require('node:child_process');
// Attempt to bypass the permission
childProcess.spawn('node', ['-e', 'require("fs").writeFileSync("/new-file", "example")']);

$ node --permission --allow-fs-read=* index.js
node:internal/child_process:388
  const err = this._handle.spawn(options);
                           ^
Error: Access to this API has been restricted
    at ChildProcess.spawn (node:internal/child_process:388:28)
    at node:internal/main/run_main_module:17:47 {
  code: 'ERR_ACCESS_DENIED',
  permission: 'ChildProcess'
}

The child_process.fork() API inherits the execution arguments from the parent process. This means that if Node.js is started with the Permission Model enabled and the --allow-child-process flag is set, any child process created using child_process.fork() will automatically receive all relevant Permission Model flags.
This behavior also applies to child_process.spawn(), but in that case, the flags are propagated via the NODE_OPTIONS environment variable rather than directly through the process arguments.
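
Because the flags reach a forked child through its execution arguments and a spawned child through NODE_OPTIONS, a child can check at startup which restrictions it actually received and refuse to run without them. The following is an added example, not code from the Node.js documentation: the helper names, the double-quote handling of NODE_OPTIONS and the fail-closed policy are assumptions made for illustration.

```javascript
// Added example, not Node.js project code. Helper names are hypothetical.
// Matches --permission (and the older --experimental-permission) plus --allow-* flags.
const PERMISSION_FLAG = /^--(?:experimental-)?permission$|^--allow-[a-z-]+(?:=.*)?$/;

// Split a NODE_OPTIONS string on whitespace, keeping double-quoted values together.
// Simplification: backslash escapes are not handled.
function splitNodeOptions(value = '') {
  const tokens = [];
  let current = '';
  let quoted = false;
  for (const ch of value) {
    if (ch === '"') {
      quoted = !quoted;
    } else if (/\s/.test(ch) && !quoted) {
      if (current) tokens.push(current);
      current = '';
    } else {
      current += ch;
    }
  }
  if (current) tokens.push(current);
  return tokens;
}

const permissionFlags = (tokens) => tokens.filter((t) => PERMISSION_FLAG.test(t));

// Report where the restrictions came from and what the process may still do.
// Assumption: a missing process.permission means the Permission Model is off.
function auditInheritedPermissions(src = {}) {
  const permission = 'permission' in src ? src.permission : process.permission;
  const enabled = Boolean(permission);
  return {
    enabled,
    viaExecArgv: permissionFlags(src.execArgv ?? process.execArgv), // fork() path
    viaNodeOptions: permissionFlags( // spawn() path
      splitNodeOptions(src.nodeOptions ?? process.env.NODE_OPTIONS ?? '')),
    canSpawn: enabled ? permission.has('child') : true,
    canWriteFs: enabled ? permission.has('fs.write') : true,
  };
}

// Example policy (an assumption): a worker that must run restricted fails closed.
function requireRestricted(report) {
  if (!report.enabled) throw new Error('Permission Model not active in this process');
  if (report.canSpawn) throw new Error('child processes are still allowed');
  return report;
}
```

Calling `requireRestricted(auditInheritedPermissions())` as the first statement of a child script makes a lost or overridden flag set show up as a startup failure.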