权限

¥Permissions

源代码: src/permission.cc

权限可用于控制 Node.js 进程可以访问哪些系统资源，或者进程可以对这些资源执行哪些操作。

¥Permissions can be used to control what system resources the Node.js process has access to or what actions the process can take with those resources.

• 基于进程的权限 控制 Node.js 进程对资源的访问。可以完全允许或拒绝资源，或者可以控制与其相关的操作。例如，可以允许文件系统读取而拒绝写入。此功能无法防止恶意代码。根据 Node.js 安全政策，Node.js 信任要求它运行的任何代码。

  ¥Process-based permissions control the Node.js process's access to resources. The resource can be entirely allowed or denied, or actions related to it can be controlled. For example, file system reads can be allowed while denying writes. This feature does not protect against malicious code. According to the Node.js Security Policy, Node.js trusts any code it is asked to run.

权限模型实现了 "安全带" 方法，可防止受信任的代码无意中更改文件或使用未明确授予访问权限的资源。它在存在恶意代码的情况下不提供安全保障。恶意代码可以绕过权限模型并执行任意代码，而不受权限模型施加的限制。

¥The permission model implements a "seat belt" approach, which prevents trusted code from unintentionally changing files or using resources that access has not explicitly been granted to. It does not provide security guarantees in the presence of malicious code. Malicious code can bypass the permission model and execute arbitrary code without the restrictions imposed by the permission model.

如果你发现潜在的安全漏洞，请参阅我们的 安全政策。

¥If you find a potential security vulnerability, please refer to our Security Policy.