Does .wasm module under --experimental-pemission protect?

[LongTengDao]

trafficstars

.node file is native and can't support under --experimental-permission, if I understand correctly.

What's the fundamental difference between .wasm and .node?

Does it safe if I enable both --experimental-pemission and --experimental-wasm-modules? Will .wasm module be limited run by --experimental-pemission exactly same as .mjs?

And what about --experimental-wasi-unstable-preview1 (wasi)?

Thanks

[RafaelGSS]

wasm modules won't be limited by the permission model. Permission Model guarantees the fs, child_process, spawn modules will have the correct permission to execute. WASM could, technically, bypass it.

[LongTengDao]

Is it not possible for .wasm, just like .node?

Or just currently not limit, and will do that in the future?

@RafaelGSS

[LongTengDao]

(Why can wasm bypass it? I remember wasm is module without side effects, without dom or io access ability, and the imports inside also need be apply by the WebAssembly.instantiate() explicitly. Thank you!)

[github-actions[bot]]

This issue is stale because it has been open many days with no activity. It will be closed soon unless the stale label is removed or a comment is made.