@@ -797,19 +797,17 @@ Environment::Environment(IsolateData* isolate_data,
797
797
798
798
if (options_->experimental_permission ) {
799
799
permission ()->EnablePermissions ();
800
- // If any permission is set the process shouldn't be able to neither
800
+ // The process shouldn't be able to neither
801
801
// spawn/worker nor use addons or enable inspector
802
802
// unless explicitly allowed by the user
803
- if (!options_->allow_fs_read .empty () || !options_->allow_fs_write .empty ()) {
804
- options_->allow_native_addons = false ;
805
- flags_ = flags_ | EnvironmentFlags::kNoCreateInspector ;
806
- permission ()->Apply (" *" , permission::PermissionScope::kInspector );
807
- if (!options_->allow_child_process ) {
808
- permission ()->Apply (" *" , permission::PermissionScope::kChildProcess );
809
- }
810
- if (!options_->allow_worker_threads ) {
811
- permission ()->Apply (" *" , permission::PermissionScope::kWorkerThreads );
812
- }
803
+ options_->allow_native_addons = false ;
804
+ flags_ = flags_ | EnvironmentFlags::kNoCreateInspector ;
805
+ permission ()->Apply (" *" , permission::PermissionScope::kInspector );
806
+ if (!options_->allow_child_process ) {
807
+ permission ()->Apply (" *" , permission::PermissionScope::kChildProcess );
808
+ }
809
+ if (!options_->allow_worker_threads ) {
810
+ permission ()->Apply (" *" , permission::PermissionScope::kWorkerThreads );
813
811
}
814
812
815
813
if (!options_->allow_fs_read .empty ()) {
0 commit comments