保证

¥Guarantees

  • 当使用 require()import()new Module() 加载模块时,这些策略保证文件完整性。

    ¥The policies guarantee the file integrity when a module is loaded using require(), import() or new Module().

  • 重定向不会阻止通过直接访问 require.cache 等方式访问 API,从而允许访问已加载的模块。策略重定向只影响到 require()import 的说明符。

    ¥Redirection does not prevent access to APIs through means such as direct access to require.cache which allow access to loaded modules. Policy redirection only affects specifiers to require() and import.

  • 策略威胁模型中模块完整性的批准意味着一旦加载,它们就可以销毁甚至规避安全功能,因此环境/运行时强化是预期的。

    ¥The approval of the module integrity in policies threat model implies they are allowed to muck with and even circumvent security features once loaded so environmental/runtime hardening is expected.