I was wondering how this integrates with Deno's permission system, which is one of its biggest strengths especially for letting agents run amok on your device.

The CLI reference page[0] notes,

> The permissions you grant at compile time are baked into the compiled binary:

I think it would be nice if this could be surfaced to the user somehow, like letting the user know and decide which permissions they want to give access to.

[0]: https://docs.deno.com/runtime/reference/cli/desktop/#runtime...

▲

tomComb a day ago | parent | next [-]

You are running a binary that you got from the developer. If it presented you with Deno permissions, I think that would be misleading because there’s no guarantee of their integrity.

▲

sheept a day ago | parent | next [-]

That is true. I wonder if it could be possible to let the user supply and wrap the app around their own, trusted installation of Deno (rather than the one bundled in the app) to specify permissions.

	▲	minraws 20 hours ago \| parent [-]
		Why not run it in a vm or container instead then, it seems a bit much imho.

▲

hdjrudni 19 hours ago | parent | prev [-]

Then do `deno ./my_downloaded_deno_gui` instead. If you trust the copy of deno you downloaded, then hopefully it can be trusted to verify the permissions of random downloaded deno-apps.

Yes, it kind of defeats the standalone binary aspect but if you're really concerned about security, maybe it's a happy medium.

▲

porridgeraisin a day ago | parent | prev [-]

> What deno desktop doesn't have yet

> Runtime permissions for desktop apps (a permission prompt on every filesystem / network access, i.e. Deno's permission system applied to desktop sandboxing).