Kinda :/ on there not being a GPU permission (that I can find in the post or the docs); GPUs/GPU drivers have been a vector for some pretty nasty attacks in the past...
For years WebGL has been exposed to every website you visit with no permission prompt, and WebGPU soon will be too. It is possible to expose GPUs securely and the WebGPU API is designed with sandboxing and security in mind.
Edit: I believe the bug you linked below (https://bugs.chromium.org/p/project-zero/issues/detail?id=20...) can't be exploited through WebGL or WebGPU in the browser because all GPU access is remoted to a separate process with a special GPU sandbox. I don't know if Deno does this but it should.
The thing is that without read/write or net permissions, a malitious script that turns your computer into a mining rig will throw because it can't connect to any server or use your filesystem. We already expose CPU to third party code, doing the same for GPU is trivial in that sense if you remove the possibility to do anything with it without your consent
That's part of my concern, though since scripts can use the CPU arbitrarily, they could already mine on the CPU. A larger concern is bugs like [0], since GPU drivers are highly complex and highly privileged code.
Yeah that could happen. There was some discussion about a permission in the Discord though, but I don't think it was ever added or thought about on GH.
