MarkTiedemann/evil.mjs

## evil.mjs
// node --experimental-policy=policy.json evil.mjs

import fs from "node:fs";

console.log(fs.readFileSync("./no-secret.txt", "utf-8"));
console.log(fs.readFileSync("./secret.txt", "utf-8"));

## policy.json
{
	"resources": {
		"./evil.mjs": {
			"integrity": "sha384-vQrig6cXCYAM1yBwyPtZbPXQEy2rZ+Ee/Y62ejWGyFHW/aPGsj62WTH3c42fpqKp",
			"dependencies": {
				"node:fs": "./safe-fs.mjs"
			}
		},
		"./safe-fs.mjs": {
			"integrity": "sha384-8RhRmwj65XTzvjg3xZP4GS0FTGSMVRBvbAlzJT9SJhtahMmPMWPb3+PylFTJ9IWq",
			"dependencies": {
				"node:fs": true
			}
		}
	}
}

## safe-fs.mjs
import fs from "node:fs";

function readFileSync(filename, encoding) {
	if (filename === "./no-secret.txt") {
		return fs.readFileSync(filename, encoding);
	} else {
		return "";
	}
}

export default { readFileSync };
	// node --experimental-policy=policy.json evil.mjs

	import fs from "node:fs";

	console.log(fs.readFileSync("./no-secret.txt", "utf-8"));
	console.log(fs.readFileSync("./secret.txt", "utf-8"));
	{
	"resources": {
	"./evil.mjs": {
	"integrity": "sha384-vQrig6cXCYAM1yBwyPtZbPXQEy2rZ+Ee/Y62ejWGyFHW/aPGsj62WTH3c42fpqKp",
	"dependencies": {
	"node:fs": "./safe-fs.mjs"
	}
	},
	"./safe-fs.mjs": {
	"integrity": "sha384-8RhRmwj65XTzvjg3xZP4GS0FTGSMVRBvbAlzJT9SJhtahMmPMWPb3+PylFTJ9IWq",
	"dependencies": {
	"node:fs": true
	}
	}
	}
	}
	import fs from "node:fs";

	function readFileSync(filename, encoding) {
	if (filename === "./no-secret.txt") {
	return fs.readFileSync(filename, encoding);
	} else {
	return "";
	}
	}

	export default { readFileSync };