Skip to content

Commit

Permalink
doc: rename policy references
Browse files Browse the repository at this point in the history
  • Loading branch information
RafaelGSS committed Aug 31, 2022
1 parent 311a003 commit 8261f2c
Show file tree
Hide file tree
Showing 4 changed files with 25 additions and 23 deletions.
2 changes: 1 addition & 1 deletion doc/api/errors.md
Original file line number Diff line number Diff line change
Expand Up @@ -3577,7 +3577,7 @@ The native call from `process.cpuUsage` could not be processed.
[domains]: domain.md
[event emitter-based]: events.md#class-eventemitter
[file descriptors]: https://en.wikipedia.org/wiki/File_descriptor
[policy]: policy.md
[policy]: permissions.md#policies
[self-reference a package using its name]: packages.md#self-referencing-a-package-using-its-name
[stream-based]: stream.md
[syscall]: https://man7.org/linux/man-pages/man2/syscalls.2.html
Expand Down
2 changes: 1 addition & 1 deletion doc/api/index.md
Original file line number Diff line number Diff line change
Expand Up @@ -45,7 +45,7 @@
* [OS](os.md)
* [Path](path.md)
* [Performance hooks](perf_hooks.md)
* [Policies](policy.md)
* [Permissions](permissions.md)
* [Process](process.md)
* [Punycode](punycode.md)
* [Query strings](querystring.md)
Expand Down
33 changes: 12 additions & 21 deletions doc/api/permissions.md
Original file line number Diff line number Diff line change
@@ -1,26 +1,19 @@
# Permissions

This section exposes security features available to be adopted in a
Node.js application. The available scopes are:
Permissions can be used to control what system resources the
Node.js process has access to or what actions the process can take
with those resources. Permissions can also control what modules can
be accessed by other modules.

* [Resource-based permissions](#resource-based-permissions)
* [Process-based permissions](#process-based-permissions)
* [Module-based permissions](#module-based-permissions) control which files
or URLs are available to other modules during application execution.
This can be used to control what modules can be accessed by third-party
dependencies, for example.

Resource-based permissions stands for the managment of modules using
policies. A policy can guarantee which module/resource is available
during the application execution.
If you find a potential security vulnerability, please refer to our
[Security Policy][].

Process-based permissions stands for the management of resources such
as _File System_ or _Network_. A permission can be configured to restrict
access to specific resources, for instance, one can restrict access to
all the _File System_ write.

Both permissions can be used together to provide a safer environment.

**Note**: if you find a potential security vulnerability on Node.js,
refer to our [Security Policy][].

## Resource-based permissions
## Module-based permissions

## Policies

Expand Down Expand Up @@ -447,9 +440,7 @@ not adopt the origin of the `blob:` URL.
Additionally, import maps only work on `import` so it may be desirable to add a
`"import"` condition to all dependency mappings.

## Process-based permissions

[Security Policy]: https://github.com/nodejs/node/blob/main/SECURITY.md
[import maps]: https://url.spec.whatwg.org/#relative-url-with-fragment-string
[relative-url string]: https://url.spec.whatwg.org/#relative-url-with-fragment-string
[special schemes]: https://url.spec.whatwg.org/#special-scheme
[Security Policy]: https://github.com/nodejs/node/blob/main/SECURITY.md
11 changes: 11 additions & 0 deletions doc/api/policy.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
# Policies

<!--introduced_in=v11.8.0-->

<!-- type=misc -->

> Stability: 1 - Experimental
The former Policies documentation is now at [Permissions documentation][]

[Permissions documentation]: permissions.md#policies

0 comments on commit 8261f2c

Please sign in to comment.