Safeguard.sh
Secure Development

Deno Security Model Advantages: Runtime Permissions Done Right

Deno requires explicit permission grants for file, network, and environment access. This capability-based model changes the supply chain risk equation.

James
Security Analyst
5 min read

Deno was built with the explicit goal of fixing Node.js's security shortcomings. Its most significant security feature is a capability-based permission system that restricts what code can do at runtime. A Deno program cannot access the filesystem, network, environment variables, or subprocess execution without explicit permission grants.

This design fundamentally changes how supply chain attacks play out. A malicious dependency that tries to exfiltrate data to an external server will fail unless the application has been granted network access to that specific domain.

The Permission Model

Deno scripts run with no permissions by default. Every capability must be explicitly granted through command-line flags:

--allow-read grants filesystem read access. Can be scoped to specific paths: --allow-read=/app/data,/tmp.

--allow-write grants filesystem write access. Similarly scopable.

--allow-net grants network access. Can be scoped to specific domains and ports: --allow-net=api.example.com:443.

--allow-env grants access to environment variables. Can be scoped to specific variable names: --allow-env=DATABASE_URL,API_KEY.

--allow-run grants the ability to spawn subprocesses. Can be scoped to specific executables: --allow-run=git,node.

--allow-ffi grants access to the Foreign Function Interface for calling native code.

--allow-sys grants access to system information (hostname, OS version, memory info).

Why This Matters for Supply Chain Security

In Node.js, when you require('malicious-package'), that code runs with the full permissions of the Node.js process. It can read any file, connect to any server, execute any command, and access every environment variable. This is why npm supply chain attacks are so effective -- a single compromised dependency has unrestricted access.

In Deno, the same malicious code would be constrained by the permissions granted to the runtime. If your application only needs to read files from /app/data and connect to api.example.com, those are the only permissions it gets. A compromised dependency that tries to read ~/.ssh/id_rsa or connect to evil.com will get a permission error.

This does not eliminate supply chain risk -- a dependency can still abuse the permissions that are legitimately granted. But it dramatically reduces the blast radius.

Practical Permission Configuration

The challenge is finding the right permission granularity. Too broad (--allow-all) eliminates the security benefit. Too narrow creates constant permission errors during development.

For production deployments, build a minimal permission set:

  1. Start with no permissions.
  2. Run your application and note which permissions are requested.
  3. Grant only the specific permissions needed, scoped to the minimum paths, domains, and variables.
  4. Document why each permission is needed.

Deno's --prompt flag enables interactive permission prompting during development, which helps identify exactly which permissions your application needs.

For CI/CD environments, define permissions in a deno.json configuration file or a shell script wrapper that documents the rationale for each permission.

Import Maps and Dependency Management

Deno initially used URL-based imports without a package manager. While this eliminated some supply chain risks (no install scripts, no node_modules), it created others (DNS hijacking, CDN compromise).

Deno has since added npm compatibility (npm: specifiers) and the deno.land/x registry. Import maps allow aliasing dependencies to specific versions and sources.

The deno.lock lockfile records integrity hashes for all imported modules, similar to Go's go.sum. This prevents silent dependency modification after initial resolution.

Security Comparison With Node.js

| Aspect | Node.js | Deno | |--------|---------|------| | File access | Unrestricted | Requires --allow-read | | Network access | Unrestricted | Requires --allow-net | | Env variables | Unrestricted | Requires --allow-env | | Subprocess execution | Unrestricted | Requires --allow-run | | Install scripts | Yes (npm lifecycle scripts) | No equivalent | | TypeScript | Requires build step | Native support | | Lockfile integrity | Hash in package-lock.json | Hash in deno.lock |

The permission model is the most significant difference. Everything else -- TypeScript support, lockfile integrity, lack of install scripts -- contributes to a more defensible security posture, but the permission model is the structural change.

Limitations

Permission granularity. Permissions are per-process, not per-module. You cannot grant one dependency access to the network while denying it to another. All code in the process shares the same permission set.

The --allow-all escape hatch. Developers under time pressure will use --allow-all to avoid permission errors. Once this becomes a habit, the security model provides no protection. Enforce permission restrictions in CI and production deployment configurations.

FFI bypass. The --allow-ffi permission grants access to native code, which can bypass all other permission restrictions. Native code operates outside the Deno sandbox.

npm compatibility trade-offs. When using npm: specifiers, some npm packages expect Node.js-level access. Running them under Deno's permission model may require broader permissions than a pure Deno application would need.

Adoption Considerations

If you are evaluating Deno for a new project, the security model is a compelling reason to choose it. The permission system provides meaningful defense against supply chain attacks without requiring changes to how you write code.

If you are considering migrating from Node.js, the permission model will require you to audit and document your application's actual capability requirements. This audit is valuable even if you decide not to migrate, because it reveals what your Node.js application has access to and whether that access is appropriate.

How Safeguard.sh Helps

Safeguard.sh monitors your Deno project dependencies for known vulnerabilities, whether they come from deno.land/x, npm specifiers, or URL imports. It generates SBOMs that capture your full dependency graph and alerts you when a module in your project is affected by a newly disclosed vulnerability. Combined with Deno's permission model, Safeguard.sh gives you both runtime containment and supply chain visibility -- two layers of defense that together significantly reduce the risk from compromised dependencies.

DenoRuntime SecurityPermissionsJavaScriptTypeScript
Back to all articles

More on #Deno

View all →
Developer Security

Deno's Permission-Based Security Model: What It Gets Right and Where It Falls Short

6 min read

Related articles in Secure Development

Secure Development

TLS Library Comparison: OpenSSL vs. LibreSSL vs. BoringSSL

Three forks of the same codebase, three different security philosophies. Here is how to choose the right TLS library for your project.

September 20, 2025Read
Secure Development

Node.js Permission Model: Restricting What Your Code Can Do

Node.js finally has an experimental permission model. It is a significant step toward containing supply chain attacks, but it has important limitations.

March 18, 2024Read
Secure Development

Bun Runtime Security Considerations: Speed vs. Safety Trade-offs

Bun prioritizes performance over Node.js compatibility. But some of those performance choices have security implications worth understanding.

January 14, 2024Read

Never miss an update

Weekly insights on software supply chain security, delivered to your inbox.