@@ -844,19 +844,17 @@ Environment::Environment(IsolateData* isolate_data,
844
844
845
845
if (options_->experimental_permission ) {
846
846
permission ()->EnablePermissions ();
847
- // If any permission is set the process shouldn't be able to neither
847
+ // The process shouldn't be able to neither
848
848
// spawn/worker nor use addons or enable inspector
849
849
// unless explicitly allowed by the user
850
- if (!options_->allow_fs_read .empty () || !options_->allow_fs_write .empty ()) {
851
- options_->allow_native_addons = false ;
852
- flags_ = flags_ | EnvironmentFlags::kNoCreateInspector ;
853
- permission ()->Apply (" *" , permission::PermissionScope::kInspector );
854
- if (!options_->allow_child_process ) {
855
- permission ()->Apply (" *" , permission::PermissionScope::kChildProcess );
856
- }
857
- if (!options_->allow_worker_threads ) {
858
- permission ()->Apply (" *" , permission::PermissionScope::kWorkerThreads );
859
- }
850
+ options_->allow_native_addons = false ;
851
+ flags_ = flags_ | EnvironmentFlags::kNoCreateInspector ;
852
+ permission ()->Apply (" *" , permission::PermissionScope::kInspector );
853
+ if (!options_->allow_child_process ) {
854
+ permission ()->Apply (" *" , permission::PermissionScope::kChildProcess );
855
+ }
856
+ if (!options_->allow_worker_threads ) {
857
+ permission ()->Apply (" *" , permission::PermissionScope::kWorkerThreads );
860
858
}
861
859
862
860
if (!options_->allow_fs_read .empty ()) {
0 commit comments