保证

\Guarantees

• 当使用 require()、import() 或 new Module() 加载模块时,这些策略保证文件完整性。

  \The policies guarantee the file integrity when a module is loaded using require(), import() or new Module().

• 重定向不会阻止通过直接访问 require.cache 等方式访问 API,从而允许访问已加载的模块。策略重定向只影响到 require() 和 import 的说明符。

  \Redirection does not prevent access to APIs through means such as direct access to require.cache which allow access to loaded modules. Policy redirection only affects specifiers to require() and import.

• 策略威胁模型中模块完整性的批准意味着一旦加载,它们就可以销毁甚至规避安全功能,因此环境/运行时强化是预期的。

  \The approval of the module integrity in policies threat model implies they are allowed to muck with and even circumvent security features once loaded so environmental/runtime hardening is expected.