@@ -850,19 +850,17 @@ Environment::Environment(IsolateData* isolate_data,
850
850
851
851
if (options_->experimental_permission ) {
852
852
permission ()->EnablePermissions ();
853
- // If any permission is set the process shouldn't be able to neither
853
+ // The process shouldn't be able to neither
854
854
// spawn/worker nor use addons or enable inspector
855
855
// unless explicitly allowed by the user
856
- if (!options_->allow_fs_read .empty () || !options_->allow_fs_write .empty ()) {
857
- options_->allow_native_addons = false ;
858
- flags_ = flags_ | EnvironmentFlags::kNoCreateInspector ;
859
- permission ()->Apply (" *" , permission::PermissionScope::kInspector );
860
- if (!options_->allow_child_process ) {
861
- permission ()->Apply (" *" , permission::PermissionScope::kChildProcess );
862
- }
863
- if (!options_->allow_worker_threads ) {
864
- permission ()->Apply (" *" , permission::PermissionScope::kWorkerThreads );
865
- }
856
+ options_->allow_native_addons = false ;
857
+ flags_ = flags_ | EnvironmentFlags::kNoCreateInspector ;
858
+ permission ()->Apply (" *" , permission::PermissionScope::kInspector );
859
+ if (!options_->allow_child_process ) {
860
+ permission ()->Apply (" *" , permission::PermissionScope::kChildProcess );
861
+ }
862
+ if (!options_->allow_worker_threads ) {
863
+ permission ()->Apply (" *" , permission::PermissionScope::kWorkerThreads );
866
864
}
867
865
868
866
if (!options_->allow_fs_read .empty ()) {
0 commit comments