diff --git a/docs/getting_started/permissions.md b/docs/getting_started/permissions.md index c59bb3aaa9..aba5911004 100644 --- a/docs/getting_started/permissions.md +++ b/docs/getting_started/permissions.md @@ -18,8 +18,10 @@ deno run --allow-read mod.ts The following permissions are available: - **-A, --allow-all** Allow all permissions. This disables all security. -- **--allow-env** Allow environment access for things like getting and setting - of environment variables. +- **--allow-env=\** Allow environment access for things like getting + and setting of environment variables. Since Deno 1.9, you can specify a + optional, comma-separated list of environment variables to provide an + allow-list of allowed environment variables. - **--allow-hrtime** Allow high-resolution time measurement. High-resolution time can be used in timing attacks and fingerprinting. - **--allow-net=\** Allow network access. You can specify an @@ -30,9 +32,11 @@ The following permissions are available: - **--allow-read=\** Allow file system read access. You can specify an optional, comma-separated list of directories or files to provide an allow-list of allowed file system access. -- **--allow-run** Allow running subprocesses. Be aware that subprocesses are not - run in a sandbox and therefore do not have the same security restrictions as - the deno process. Therefore, use with caution. +- **--allow-run=\**Allow running subprocesses. Since Deno 1.9, You + can specify an options, comma-separated list of subprocesses to provide an + allow-list of allowed subprocesses. Be aware that subprocesses are not run in + a sandbox and therefore do not have the same security restrictions as the deno + process. Therefore, use with caution. - **--allow-write=\** Allow file system write access. You can specify an optional, comma-separated list of directories or files to provide an allow-list of allowed file system access.