You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Abstract sockets play very nice with Deno's sandboxing module because --allow-read=foo.sock --allow-write=foo.sock allows the process to delete the socket and replace it with a file of the same name. With abstract sockets you can provide unix socket access without providing filesystem access! Neat! However, there is no way to name a specific abstract socket path using the command line arguments.
$ deno run ./deno.ts
┌ ⚠️ Deno requests read access to "\0sdfas".
├ Requested by `Deno.serve()` API.
├ Run again with --allow-read to bypass this prompt.
└ Allow? [y/n/A] (y = yes, allow; n = no, deny; A = allow all read permissions) > ^C
$ deno run --allow-read ./deno.ts
┌ ⚠️ Deno requests write access to "\0sdfas".
├ Requested by `Deno.serve()` API.
├ Run again with --allow-write to bypass this prompt.
└ Allow? [y/n/A] (y = yes, allow; n = no, deny; A = allow all write permissions) > ^C
$ deno run --allow-read --allow-write ./deno.ts
{ transport: "unix", path: null } { transport: "unix", path: null }
What doesn't:
$ deno run --allow-read=\0sdfas --allow-write=\0sdfas ./deno.ts
┌ ⚠️ Deno requests read access to "\0sdfas".
├ Requested by `Deno.serve()` API.
├ Run again with --allow-read to bypass this prompt.
└ Allow? [y/n/A] (y = yes, allow; n = no, deny; A = allow all read permissions) >
$ deno run --allow-read=\x00sdfas --allow-write=\x00sdfas ./deno.ts
┌ ⚠️ Deno requests read access to "\0sdfas".
├ Requested by `Deno.serve()` API.
├ Run again with --allow-read to bypass this prompt.
└ Allow? [y/n/A] (y = yes, allow; n = no, deny; A = allow all read permissions) >
I believe this is an OS issue and not a deno issue, but maybe the interface could be expanded to somehow allow the naming of abstract sockets?
For prior art, echo has the flag -e that "enables the interpretation of backslash escapes". So "\0sdfas" would work with that flag set:
Version: Deno 1.44.2
Abstract sockets play very nice with Deno's sandboxing module because
--allow-read=foo.sock --allow-write=foo.sock
allows the process to delete the socket and replace it with a file of the same name. With abstract sockets you can provide unix socket access without providing filesystem access! Neat! However, there is no way to name a specific abstract socket path using the command line arguments.Source:
What works:
What doesn't:
I believe this is an OS issue and not a deno issue, but maybe the interface could be expanded to somehow allow the naming of abstract sockets?
For prior art,
echo
has the flag-e
that "enables the interpretation of backslash escapes". So "\0sdfas" would work with that flag set:Although I can think of no other Deno command line arguments that would be benefitted by this addition :/
The text was updated successfully, but these errors were encountered: