
Warn about full access on --allow-fs-read=* and --allow-fs-write=*

Open tristan-f-r opened this issue 1 year ago • 1 comments

What is the problem this feature will solve?

While this is a CVE in Deno as Deno used to grant all these permissions on unfettered explicitly --allow-fs-read and --allow-fs-write, Node.js does require a path to specify what files to read and write.

When access is granted to /proc/self/mem, a sophisticated attack can be carried out that gives the attacker full access bypassing the permission system.

What is the feature you are proposing to solve the problem?

If a user accidentally grants access to this file, a warning should appear in the console that warns against this file.

Additional notes

I am happy to work on this issue.

tristan-f-r avatar Jun 26 '24 18:06 tristan-f-r

There is a long list of paths that users should never grant access to, and I don't think we should attempt to capture that. I'd be okay with warning specifically about * though.

tniessen avatar Jun 27 '24 10:06 tniessen
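
An operator-side launch check in the spirit of this request, as an added example that is not Node.js's own code or part of the thread: it warns on `*` grants and on grants that cover `/proc/self/mem`. The `SENSITIVE` list, the function names and the assumption that grants are absolute POSIX paths are this example's own.

```javascript
// Added example: audit Node.js permission-model flags at startup.
// SENSITIVE is a constructed, deliberately short deny-list (assumption).
const SENSITIVE = ['/proc/self/mem'];
const FLAG = /^--allow-fs-(read|write)(?:=(.*))?$/;

// Collapse '.', '..' and duplicate slashes in an absolute POSIX path.
function normalize(p) {
  const out = [];
  for (const seg of p.split('/')) {
    if (seg === '..') out.pop();
    else if (seg !== '' && seg !== '.') out.push(seg);
  }
  return '/' + out.join('/');
}

// True when a grant (file, directory, or trailing-* prefix) covers target.
function covers(grant, target) {
  if (grant === '*') return true;
  if (grant.endsWith('*')) return target.startsWith(grant.slice(0, -1));
  const g = normalize(grant);
  return g === '/' || target === g || target.startsWith(g + '/');
}

// Return one warning string per risky grant found in an argv-style array.
function auditFlags(argv) {
  const warnings = [];
  for (let i = 0; i < argv.length; i++) {
    const m = FLAG.exec(argv[i]);
    if (!m) continue;
    // The value follows '=' or is the next argument.
    const value = m[2] !== undefined ? m[2] : argv[++i] || '';
    // Comma-separated lists and repeated flags are both handled.
    for (const grant of value.split(',').filter(Boolean)) {
      if (grant === '*') {
        warnings.push(`${m[1]}: '*' grants access to the entire file system`);
        continue;
      }
      for (const s of SENSITIVE) {
        if (covers(grant, s)) warnings.push(`${m[1]}: '${grant}' includes ${s}`);
      }
    }
  }
  return warnings;
}

// Check the flags this process was started with, including NODE_OPTIONS.
const started = [...process.execArgv, ...(process.env.NODE_OPTIONS || '').split(/\s+/)];
for (const w of auditFlags(started)) console.warn('permission warning: ' + w);
```
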

There has been no activity on this feature request for 5 months. To help maintain relevant open issues, please add the https://github.com/nodejs/node/labels/never-stale label or close this issue if it should be closed. If not, the issue will be automatically closed 6 months after the last non-automated comment. For more information on how the project manages feature requests, please consult the feature request management document.

github-actions[bot] avatar Dec 25 '24 01:12 github-actions[bot]

There has been no activity on this feature request and it is being closed. If you feel closing this issue is not the right thing to do, please leave a comment.

For more information on how the project manages feature requests, please consult the feature request management document.

github-actions[bot] avatar Jan 25 '25 01:01 github-actions[bot]