diff --git a/doc/api/cli.md b/doc/api/cli.md
index 637c1cd9050557..f47736812cf5f7 100644
--- a/doc/api/cli.md
+++ b/doc/api/cli.md
@@ -52,6 +52,14 @@ If this flag is passed, the behavior can still be set to not abort through
 [`process.setUncaughtExceptionCaptureCallback()`][] (and through usage of the
 `domain` module that uses it).
 
+### `--disable=...`
+<!-- YAML
+added: REPLACEME
+-->
+
+Disable certain features of Node.js at startup. See [`process.accessControl`][]
+for more details.
+
 ### `--enable-fips`
 <!-- YAML
 added: v6.0.0
@@ -60,6 +68,15 @@ added: v6.0.0
 Enable FIPS-compliant crypto at startup. (Requires Node.js to be built with
 `./configure --openssl-fips`.)
 
+### `--experimental-access-control`
+<!-- YAML
+added: REPLACEME
+-->
+
+Allow disabling certain features of Node.js at runtime.
+See [`process.accessControl`][] for more details.
+The `--disable` flag implies this flag.
+
 ### `--experimental-modules`
 <!-- YAML
 added: v8.5.0
@@ -688,6 +705,7 @@ greater than `4` (its current default value). For more information, see the
 [`--openssl-config`]: #cli_openssl_config_file
 [`Buffer`]: buffer.html#buffer_class_buffer
 [`SlowBuffer`]: buffer.html#buffer_class_slowbuffer
+[`process.accessControl`]: process.html#process_access_control
 [`process.setUncaughtExceptionCaptureCallback()`]: process.html#process_process_setuncaughtexceptioncapturecallback_fn
 [Chrome DevTools Protocol]: https://chromedevtools.github.io/devtools-protocol/
 [REPL]: repl.html
diff --git a/doc/api/errors.md b/doc/api/errors.md
index e4a709d45a8031..b60bdb7f11d3ed 100644
--- a/doc/api/errors.md
+++ b/doc/api/errors.md
@@ -578,6 +578,14 @@ found [here][online].
 <a id="nodejs-error-codes"></a>
 ## Node.js Error Codes
 
+<a id="ERR_ACCESS_DENIED"></a>
+### ERR_ACCESS_DENIED
+
+> Stability: 1 - Experimental
+
+This error is thrown when an attempt was made to use a feature of Node.js
+which was previously disabled through the [`process.accessControl`][] mechanism.
+
 <a id="ERR_AMBIGUOUS_ARGUMENT"></a>
 ### ERR_AMBIGUOUS_ARGUMENT
 
@@ -1867,6 +1875,7 @@ A module file could not be resolved while attempting a [`require()`][] or
 [`net`]: net.html
 [`new URL(input)`]: url.html#url_constructor_new_url_input_base
 [`new URLSearchParams(iterable)`]: url.html#url_constructor_new_urlsearchparams_iterable
+[`process.accessControl`]: process.html#process_access_control
 [`process.send()`]: process.html#process_process_send_message_sendhandle_options_callback
 [`process.setUncaughtExceptionCaptureCallback()`]: process.html#process_process_setuncaughtexceptioncapturecallback_fn
 [`require()`]: modules.html#modules_require
diff --git a/doc/api/process.md b/doc/api/process.md
index 0c35007103c253..8d51040e8b4617 100644
--- a/doc/api/process.md
+++ b/doc/api/process.md
@@ -1996,6 +1996,148 @@ Will generate an object similar to:
   tz: '2016b' }
 ```
 
+## Access Control
+
+> Stability: 1 - Experimental
+
+This feature is experimental and needs to be enabled by passing
+the `--experimental-access-control` flag, or the
+`--disable=restrictionA,restrictionB,...` flag to Node.js.
+
+The `--disable` flag takes a comma-separated list of identifiers as described
+below. For example, it can be used as `--disable=fsRead,fsWrite`.
+
+### process.accessControl.apply(restrictions)
+<!-- YAML
+added: REPLACEME
+-->
+
+* `restrictions` {Object} A set of access restrictions that will be applied
+  to the current Node.js instance. The format should be the same as the one
+  returned by [`process.accessControl.getCurrent()`][]. Omitted keys will
+  default to `true`, i.e. to retaining the relevant permissions.
+
+*Warning*: This does not provide a full isolation mechanism. Existing resources
+and communication channels may be used to circumvent these measures, if they
+have been made available before the corresponding restrictions have been put
+into place.
+
+This API is recent and may not be complete.
+Please report bugs at https://github.com/nodejs/node/issues.
+
+Operations started before this call are not undone or stopped.
+Features that were previously disabled through this call cannot be re-enabled.
+Child processes do not inherit these restrictions, whereas [`Worker`][]s do.
+
+The following code removes some permissions of the current Node.js instance:
+
+```js
+process.accessControl.apply({
+  childProcesses: false,
+  createWorkers: false,
+  fsRead: false,
+  fsWrite: false,
+  loadAddons: false,
+  setV8Flags: false
+});
+```
+
+Keys not listed in the object, or with values not set to `false`,
+are unaffected.
+
+If a key that is not `childProcesses` or `loadAddons` is set to `false`,
+the `childProcesses` and `loadAddons` feature set will also be disabled
+automatically.
+
+See [`process.accessControl.getCurrent()`][] for a list of permissions.
+
+### process.accessControl.getCurrent()
+<!-- YAML
+added: REPLACEME
+-->
+
+* Returns: {Object} An object representing a set of permissions for the
+  current Node.js instance of the following structure:
+
+<!-- eslint-skip -->
+```js
+{ accessInspectorBindings: true,
+  childProcesses: true,
+  createWorkers: true,
+  fsRead: true,
+  fsWrite: true,
+  loadAddons: true,
+  modifyTraceEvents: true,
+  netConnectionless: true,
+  netIncoming: true,
+  netOutgoing: true,
+  setEnvironmentVariables: true,
+  setProcessAttrs: true,
+  setV8Flags: true,
+  signalProcesses: true }
+```
+
+Currently only boolean options are supported.
+
+In particular, these settings affect the following features of the Node.js API:
+
+- `accessInspectorBindings`:
+  - [`inspector.open()`][]
+  - [`inspector.Session.connect()`][]
+- `childProcesses`:
+  - [`child_process`][`ChildProcess`] methods
+- `createWorkers`:
+  - [`worker_threads.Worker`][`Worker`]
+- `fsRead`:
+  - All read-only [`fs`][] operations, including watchers
+    - This always includes `fs.open()` and `fs.openSync()`, even when
+      writing to files.
+  - Existing `fs.ReadStream` instances will not continue to work.
+  - [`os.homedir()`][]
+  - [`os.userInfo()`][]
+  - [`require()`][]
+  - [`process.stdin`][] if this stream points to a file.
+  - Note that `fsRead` and `fsWrite` are distinct permissions.
+- `fsWrite`:
+  - All other [`fs`][] operations
+    - `fs.open()` and `fs.openSync()` when flags indicate writing or appending
+  - Existing `fs.WriteStream` instances will not continue to work.
+  - [`net`][] operations on UNIX domain sockets
+  - [`process.stdout`][] and [`process.stderr`][], respectively, if those
+    streams point to files.
+- `loadAddons`:
+  - [`process.dlopen()`][] and [`require()`][] in the case of native addons
+- `modifyTraceEvents`:
+  - [`tracing.disable()`][] and [`tracing.enable()`][]
+- `netConnectionless`:
+  - [UDP][] operations, including sending data from existing sockets
+- `netIncoming`:
+  - [`server.listen()`][`net.Server`]
+  - Receiving or sending data on existing sockets is unaffected.
+- `netOutgoing`:
+  - [`socket.connect()`][`net.Socket`]
+  - [`dns`][] requests
+  - Receiving or sending data on existing sockets is unaffected.
+- `setEnvironmentVariables`:
+  - Setting/deleting keys on [`process.env`][]
+- `setProcessAttrs`:
+  - [`process.chdir()`][]
+  - [`process.initgroups()`][]
+  - [`process.setgroups()`][]
+  - [`process.setgid()`][]
+  - [`process.setuid()`][]
+  - [`process.setegid()`][]
+  - [`process.seteuid()`][]
+  - [`process.title`][] setting
+- `setV8Flags`:
+  - [`v8.setFlagsFromString()`][]
+- `signalProcesses`:
+  - [`process.kill()`][]
+  - Debugging cluster child processes
+
+This function always returns a new object. Modifications to the returned object
+will have no effect.
+
 ## Exit Codes
 
 Node.js will normally exit with a `0` status code when no more async
@@ -2057,24 +2199,44 @@ cases:
 [`Worker`]: worker_threads.html#worker_threads_class_worker
 [`console.error()`]: console.html#console_console_error_data_args
 [`console.log()`]: console.html#console_console_log_data_args
+[`dns`]: dns.html
 [`domain`]: domain.html
 [`end()`]: stream.html#stream_writable_end_chunk_encoding_callback
+[`fs`]: fs.html
+[`inspector.open()`]: inspector.html#inspector_inspector_open_port_host_wait
+[`inspector.Session.connect()`]: inspector.html#inspector_session_connect
+[`net`]: net.html
 [`net.Server`]: net.html#net_class_net_server
 [`net.Socket`]: net.html#net_class_net_socket
 [`os.constants.dlopen`]: os.html#os_dlopen_constants
+[`os.homedir()`]: os.html#os_os_homedir
+[`os.userInfo()`]: os.html#os_os_userinfo_options
+[`process.accessControl.getCurrent()`]: #process_process_accesscontrol_getcurrent
 [`process.argv`]: #process_process_argv
+[`process.chdir()`]: #process_process_chdir_directory
+[`process.dlopen()`]: #process_process_dlopen_module_filename_flags
+[`process.env`]: #process_process_env
 [`process.execPath`]: #process_process_execpath
 [`process.exit()`]: #process_process_exit_code
 [`process.exitCode`]: #process_process_exitcode
 [`process.hrtime()`]: #process_process_hrtime_time
 [`process.hrtime.bigint()`]: #process_process_hrtime_bigint
+[`process.initgroups()`]: #process_process_initgroups_user_extragroup
 [`process.kill()`]: #process_process_kill_pid_signal
+[`process.setegid()`]: #process_process_setegid_id
+[`process.seteuid()`]: #process_process_seteuid_id
+[`process.setgid()`]: #process_process_setgid_id
+[`process.setgroups()`]: #process_process_setgroups_groups
+[`process.setuid()`]: #process_process_setuid_id
 [`process.setUncaughtExceptionCaptureCallback()`]: process.html#process_process_setuncaughtexceptioncapturecallback_fn
+[`process.title`]: #process_process_title
 [`promise.catch()`]: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Promise/catch
 [`require()`]: globals.html#globals_require
 [`require.main`]: modules.html#modules_accessing_the_main_module
 [`require.resolve()`]: modules.html#modules_require_resolve_request_options
 [`setTimeout(fn, 0)`]: timers.html#timers_settimeout_callback_delay_args
+[`tracing.disable()`]: tracing.html#tracing_tracing_disable
+[`tracing.enable()`]: tracing.html#tracing_tracing_enable
 [`v8.setFlagsFromString()`]: v8.html#v8_v8_setflagsfromstring_flags
 [Android building]: https://github.com/nodejs/node/blob/master/BUILDING.md#androidandroid-based-devices-eg-firefox-os
 [Child Process]: child_process.html
@@ -2089,4 +2251,5 @@ cases:
 [Signal Events]: #process_signal_events
 [Stream compatibility]: stream.html#stream_compatibility_with_older_node_js_versions
 [TTY]: tty.html#tty_tty
+[UDP]: dgram.html
 [Writable]: stream.html#stream_writable_streams
diff --git a/doc/api/worker_threads.md b/doc/api/worker_threads.md
index 025a8c9a3ab2cf..0566b2d04d729c 100644
--- a/doc/api/worker_threads.md
+++ b/doc/api/worker_threads.md
@@ -305,6 +305,12 @@ if (isMainThread) {
 ```
 
 ### new Worker(filename[, options])
+<!-- YAML
+changes:
+  - version: REPLACEME
+    pr-url: https://github.com/nodejs/node/pull/???
+    description: The `accessControl` option was added.
+-->
 
 * `filename` {string} The path to the Worker’s main script. Must be
   either an absolute path or a relative path (i.e. relative to the
@@ -312,6 +318,8 @@ if (isMainThread) {
   If `options.eval` is true, this is a string containing JavaScript code rather
   than a path.
 * `options` {Object}
+  * `accessControl` {Object} A set of access restrictions that will be applied
+    to the worker thread. See [`process.accessControl.apply()`][] for details.
   * `eval` {boolean} If true, interpret the first argument to the constructor
     as a script that is executed once the worker is online.
   * `workerData` {any} Any JavaScript value that will be cloned and made
@@ -327,6 +335,10 @@ if (isMainThread) {
   * stderr {boolean} If this is set to `true`, then `worker.stderr` will
     not automatically be piped through to `process.stderr` in the parent.
 
+Note that if `accessControl.fsRead` is set to `false`, the worker thread will
+not be able to read its main script from the file system, so a source script
+should be passed in instead and the `eval` option should be set.
+
 ### Event: 'error'
 <!-- YAML
 added: v10.5.0
@@ -473,6 +485,7 @@ active handle in the event system. If the worker is already `unref()`ed calling
 [`port.on('message')`]: #worker_threads_event_message
 [`process.exit()`]: process.html#process_process_exit_code
 [`process.abort()`]: process.html#process_process_abort
+[`process.accessControl.apply()`]: process.html#process_process_accesscontrol_apply_restrictions
 [`process.chdir()`]: process.html#process_process_chdir_directory
 [`process.env`]: process.html#process_process_env
 [`process.stdin`]: process.html#process_process_stdin
diff --git a/doc/node.1 b/doc/node.1
index e437cc2e2ae81b..8c0b173a5619c0 100644
--- a/doc/node.1
+++ b/doc/node.1
@@ -75,6 +75,12 @@ the next argument will be used as a script filename.
 .It Fl -abort-on-uncaught-exception
 Aborting instead of exiting causes a core file to be generated for analysis.
 .
+.It Fl -disable Ns = Ns Ar featureA,featureB,...
+Disables certain features of Node.js at startup.
+A full list of available restriction identifiers can be shown by running:
+.Pp
+.Sy ./node --experimental-access-control --print 'process.accessControl.getCurrent()'
+.
 .It Fl -enable-fips
 Enable FIPS-compliant crypto at startup.
 Requires Node.js to be built with
@@ -83,6 +89,12 @@ Requires Node.js to be built with
 .It Fl -experimental-modules
 Enable experimental ES module support and caching modules.
 .
+.It Fl -experimental-access-control
+Allow disabling certain features of Node.js at runtime.
+The
+.Fl -disable
+flag implies this flag.
+.
 .It Fl -experimental-repl-await
 Enable experimental top-level
 .Sy await
diff --git a/lib/internal/bootstrap/node.js b/lib/internal/bootstrap/node.js
index e6c4da25b00d9b..1bf37573770ff5 100644
--- a/lib/internal/bootstrap/node.js
+++ b/lib/internal/bootstrap/node.js
@@ -98,6 +98,9 @@
     perThreadSetup.setupMemoryUsage(_memoryUsage);
     perThreadSetup.setupKillAndExit();
 
+    if (process.binding('config').experimentalAccessControl)
+      process.accessControl = internalBinding('access_control');
+
     if (global.__coverage__)
       NativeModule.require('internal/process/write-coverage').setup();
 
diff --git a/lib/internal/worker.js b/lib/internal/worker.js
index 26c16f86e3e8fc..21f64ec3dd417d 100644
--- a/lib/internal/worker.js
+++ b/lib/internal/worker.js
@@ -274,6 +274,12 @@ class Worker extends EventEmitter {
       publicPort: port2,
       hasStdin: !!options.stdin
     }, [port2]);
+
+    if (typeof options.accessControl === 'object' &&
+        options.accessControl !== null) {
+      this[kHandle].applyAccessControl(options.accessControl);
+    }
+
     // Actually start the new thread now that everything is in place.
     this[kHandle].startThread();
   }
diff --git a/node.gyp b/node.gyp
index 8c42474bbed90a..d6d9530f00f16f 100644
--- a/node.gyp
+++ b/node.gyp
@@ -337,6 +337,7 @@
         'src/js_stream.cc',
         'src/module_wrap.cc',
         'src/node.cc',
+        'src/node_access_control.cc',
         'src/node_api.cc',
         'src/node_api.h',
         'src/node_api_types.h',
diff --git a/src/cares_wrap.cc b/src/cares_wrap.cc
index 9d3d098734470f..849148add59ca0 100644
--- a/src/cares_wrap.cc
+++ b/src/cares_wrap.cc
@@ -1800,6 +1800,7 @@ class GetHostByAddrWrap: public QueryWrap {
 template <class Wrap>
 static void Query(const FunctionCallbackInfo<Value>& args) {
   Environment* env = Environment::GetCurrent(args);
+  THROW_IF_INSUFFICIENT_PERMISSIONS(env, netOutgoing);
   ChannelWrap* channel;
   ASSIGN_OR_RETURN_UNWRAP(&channel, args.Holder());
 
@@ -1949,6 +1950,7 @@ void CanonicalizeIP(const FunctionCallbackInfo<Value>& args) {
 
 void GetAddrInfo(const FunctionCallbackInfo<Value>& args) {
   Environment* env = Environment::GetCurrent(args);
+  THROW_IF_INSUFFICIENT_PERMISSIONS(env, netOutgoing);
 
   CHECK(args[0]->IsObject());
   CHECK(args[1]->IsString());
@@ -2000,6 +2002,7 @@ void GetAddrInfo(const FunctionCallbackInfo<Value>& args) {
 
 void GetNameInfo(const FunctionCallbackInfo<Value>& args) {
   Environment* env = Environment::GetCurrent(args);
+  THROW_IF_INSUFFICIENT_PERMISSIONS(env, netOutgoing);
 
   CHECK(args[0]->IsObject());
   CHECK(args[1]->IsString());
diff --git a/src/env-inl.h b/src/env-inl.h
index 3bca20c81ce4ce..fa61d664588fb3 100644
--- a/src/env-inl.h
+++ b/src/env-inl.h
@@ -55,6 +55,27 @@ inline MultiIsolatePlatform* IsolateData::platform() const {
   return platform_;
 }
 
+AccessControl::AccessControl() {
+  permissions_.set();  // Sets all values to 'true'.
+}
+
+void AccessControl::set_permission(Permission perm, bool value) {
+  permissions_.set(static_cast<size_t>(perm), value);
+
+  if (value == false && perm != childProcesses && perm != loadAddons) {
+    set_permission(childProcesses, false);
+    set_permission(loadAddons, false);
+  }
+}
+
+bool AccessControl::has_permission(Permission perm) const {
+  return LIKELY(permissions_.test(static_cast<size_t>(perm)));
+}
+
+void AccessControl::apply(const AccessControl& other) {
+  permissions_ &= other.permissions_;
+}
+
 inline Environment::AsyncHooks::AsyncHooks()
     : async_ids_stack_(env()->isolate(), 16 * 2),
       fields_(env()->isolate(), kFieldsCount),
@@ -391,6 +412,10 @@ inline uv_loop_t* Environment::event_loop() const {
   return isolate_data()->event_loop();
 }
 
+inline AccessControl* Environment::access_control() {
+  return &access_control_;
+}
+
 inline Environment::AsyncHooks* Environment::async_hooks() {
   return &async_hooks_;
 }
diff --git a/src/env.cc b/src/env.cc
index 97405fe4b1006f..24515621cdea8f 100644
--- a/src/env.cc
+++ b/src/env.cc
@@ -178,6 +178,8 @@ Environment::Environment(IsolateData* isolate_data,
 
   isolate()->GetHeapProfiler()->AddBuildEmbedderGraphCallback(
       BuildEmbedderGraph, this);
+
+  access_control()->apply(global_access_control);
 }
 
 Environment::~Environment() {
diff --git a/src/env.h b/src/env.h
index 28aa936c246d25..925a4e16d8b4f3 100644
--- a/src/env.h
+++ b/src/env.h
@@ -36,6 +36,7 @@
 #include "node.h"
 #include "node_http2_state.h"
 
+#include <bitset>
 #include <list>
 #include <stdint.h>
 #include <vector>
@@ -235,6 +236,7 @@ struct PackageConfig {
   V(password_string, "password")                                              \
   V(path_string, "path")                                                      \
   V(pending_handle_string, "pendingHandle")                                   \
+  V(permission_string, "permission")                                          \
   V(pid_string, "pid")                                                        \
   V(pipe_string, "pipe")                                                      \
   V(pipe_target_string, "pipeTarget")                                         \
@@ -418,6 +420,61 @@ enum class DebugCategory {
   CATEGORY_COUNT
 };
 
+class AccessControl {
+ public:
+  enum Permission {
+#define ACCESS_CONTROL_FLAGS(V)                \
+    V(accessInspectorBindings)                 \
+    V(childProcesses)                          \
+    V(createWorkers)                           \
+    V(fsRead)                                  \
+    V(fsWrite)                                 \
+    V(loadAddons)                              \
+    V(modifyTraceEvents)                       \
+    V(netConnectionless)                       \
+    V(netIncoming)                             \
+    V(netOutgoing)                             \
+    V(setEnvironmentVariables)                 \
+    V(setProcessAttrs)                         \
+    V(setV8Flags)                              \
+    V(signalProcesses)                         \
+
+#define V(kind) kind,
+    ACCESS_CONTROL_FLAGS(V)
+#undef V
+    kNumPermissions
+  };
+
+  inline AccessControl();
+
+  inline void set_permission(Permission perm, bool value);
+  inline bool has_permission(Permission perm) const;
+  inline void apply(const AccessControl& other);
+
+  static Permission PermissionFromString(const char* str);
+  static const char* PermissionToString(Permission perm);
+
+  v8::MaybeLocal<v8::Object> ToObject(v8::Local<v8::Context> context);
+  static v8::Maybe<AccessControl> FromObject(v8::Local<v8::Context> context,
+                                             v8::Local<v8::Object> object);
+  static AccessControl FromString(const std::string& disabled_item_list,
+                                  std::string* unknown_item);
+
+  static void ThrowAccessDenied(Environment* env, Permission perm);
+
+ private:
+  std::bitset<kNumPermissions> permissions_;
+};
+
+#define THROW_IF_INSUFFICIENT_PERMISSIONS(env, perm_, ...)                     \
+  do {                                                                         \
+    const AccessControl::Permission perm = (AccessControl::Permission::perm_); \
+    if (UNLIKELY(!(env)->access_control()->has_permission(perm))) {            \
+      AccessControl::ThrowAccessDenied((env), perm);                           \
+      return __VA_ARGS__;                                                      \
+    }                                                                          \
+  } while (0)
+
 class Environment {
  public:
   class AsyncHooks {
@@ -627,6 +684,7 @@ class Environment {
   inline void IncreaseWaitingRequestCounter();
   inline void DecreaseWaitingRequestCounter();
 
+  inline AccessControl* access_control();
   inline AsyncHooks* async_hooks();
   inline ImmediateInfo* immediate_info();
   inline TickInfo* tick_info();
@@ -897,6 +955,7 @@ class Environment {
   uv_check_t idle_check_handle_;
   bool profiler_idle_notifier_started_ = false;
 
+  AccessControl access_control_;
   AsyncHooks async_hooks_;
   ImmediateInfo immediate_info_;
   TickInfo tick_info_;
diff --git a/src/fs_event_wrap.cc b/src/fs_event_wrap.cc
index e0cdab4d3e20f1..349b1026e0ffa5 100644
--- a/src/fs_event_wrap.cc
+++ b/src/fs_event_wrap.cc
@@ -134,6 +134,7 @@ void FSEventWrap::New(const FunctionCallbackInfo<Value>& args) {
 // wrap.start(filename, persistent, recursive, encoding)
 void FSEventWrap::Start(const FunctionCallbackInfo<Value>& args) {
   Environment* env = Environment::GetCurrent(args);
+  THROW_IF_INSUFFICIENT_PERMISSIONS(env, fsRead);
 
   FSEventWrap* wrap = Unwrap<FSEventWrap>(args.This());
   CHECK_NOT_NULL(wrap);
diff --git a/src/inspector_js_api.cc b/src/inspector_js_api.cc
index 4e95598d3a0580..ce2abb07d0e55d 100644
--- a/src/inspector_js_api.cc
+++ b/src/inspector_js_api.cc
@@ -75,6 +75,7 @@ class JSBindingsConnection : public AsyncWrap {
 
   static void New(const FunctionCallbackInfo<Value>& info) {
     Environment* env = Environment::GetCurrent(info);
+    THROW_IF_INSUFFICIENT_PERMISSIONS(env, accessInspectorBindings);
     CHECK(info[0]->IsFunction());
     Local<Function> callback = info[0].As<Function>();
     new JSBindingsConnection(env, info.This(), callback);
@@ -122,7 +123,8 @@ static bool InspectorEnabled(Environment* env) {
 }
 
 void AddCommandLineAPI(const FunctionCallbackInfo<Value>& info) {
-  auto env = Environment::GetCurrent(info);
+  Environment* env = Environment::GetCurrent(info);
+    THROW_IF_INSUFFICIENT_PERMISSIONS(env, accessInspectorBindings);
   Local<Context> context = env->context();
 
   // inspector.addCommandLineAPI takes 2 arguments: a string and a value.
@@ -135,6 +137,7 @@ void AddCommandLineAPI(const FunctionCallbackInfo<Value>& info) {
 
 void CallAndPauseOnStart(const FunctionCallbackInfo<v8::Value>& args) {
   Environment* env = Environment::GetCurrent(args);
+    THROW_IF_INSUFFICIENT_PERMISSIONS(env, accessInspectorBindings);
   CHECK_GT(args.Length(), 1);
   CHECK(args[0]->IsFunction());
   SlicedArguments call_args(args, /* start */ 2);
@@ -237,6 +240,8 @@ void IsEnabled(const FunctionCallbackInfo<Value>& args) {
 
 void Open(const FunctionCallbackInfo<Value>& args) {
   Environment* env = Environment::GetCurrent(args);
+  THROW_IF_INSUFFICIENT_PERMISSIONS(env, accessInspectorBindings);
+
   Agent* agent = env->inspector_agent();
   bool wait_for_connect = false;
 
diff --git a/src/module_wrap.cc b/src/module_wrap.cc
index 63e886ab0d7ac0..579cee792d0521 100644
--- a/src/module_wrap.cc
+++ b/src/module_wrap.cc
@@ -640,6 +640,7 @@ Maybe<URL> Resolve(Environment* env,
                    const std::string& specifier,
                    const URL& base,
                    PackageMainCheck check_pjson_main) {
+  THROW_IF_INSUFFICIENT_PERMISSIONS(env, fsRead, Nothing<URL>());
   URL pure_url(specifier);
   if (!(pure_url.flags() & URL_FLAGS_FAILED)) {
     // just check existence, without altering
@@ -668,6 +669,7 @@ Maybe<URL> Resolve(Environment* env,
 
 void ModuleWrap::Resolve(const FunctionCallbackInfo<Value>& args) {
   Environment* env = Environment::GetCurrent(args);
+  THROW_IF_INSUFFICIENT_PERMISSIONS(env, fsRead);
 
   // module.resolve(specifier, url)
   CHECK_EQ(args.Length(), 2);
diff --git a/src/node.cc b/src/node.cc
index 33a68b37a46062..1eadff1a5e3680 100644
--- a/src/node.cc
+++ b/src/node.cc
@@ -240,6 +240,12 @@ bool config_preserve_symlinks = false;
 // that is used by lib/module.js
 bool config_preserve_symlinks_main = false;
 
+// Set in node.cc by ParseArgs when --experimental-access-control is used.
+// Used in node_config.cc to set a constant on process.binding('config')
+// that is used by the bootstrapper.
+bool config_experimental_access_control = false;
+AccessControl global_access_control;
+
 // Set in node.cc by ParseArgs when --experimental-modules is used.
 // Used in node_config.cc to set a constant on process.binding('config')
 // that is used by lib/module.js
@@ -1380,6 +1386,7 @@ void InitModpendingOnce() {
 // cache that's a plain C list or hash table that's shared across contexts?
 static void DLOpen(const FunctionCallbackInfo<Value>& args) {
   Environment* env = Environment::GetCurrent(args);
+  THROW_IF_INSUFFICIENT_PERMISSIONS(env, loadAddons);
   auto context = env->context();
 
   uv_once(&init_modpending_once, InitModpendingOnce);
@@ -1799,6 +1806,9 @@ static void ProcessTitleGetter(Local<Name> property,
 static void ProcessTitleSetter(Local<Name> property,
                                Local<Value> value,
                                const PropertyCallbackInfo<void>& info) {
+  Environment* env = Environment::GetCurrent(info);
+  THROW_IF_INSUFFICIENT_PERMISSIONS(env, setProcessAttrs);
+
   node::Utf8Value title(info.GetIsolate(), value);
   TRACE_EVENT_METADATA1("__metadata", "process_name", "name",
                         TRACE_STR_COPY(*title));
@@ -1844,6 +1854,8 @@ static void EnvSetter(Local<Name> property,
                       Local<Value> value,
                       const PropertyCallbackInfo<Value>& info) {
   Environment* env = Environment::GetCurrent(info);
+  THROW_IF_INSUFFICIENT_PERMISSIONS(env, setEnvironmentVariables);
+
   if (config_pending_deprecation && env->EmitProcessEnvWarning() &&
       !value->IsString() && !value->IsNumber() && !value->IsBoolean()) {
     if (ProcessEmitDeprecationWarning(
@@ -1906,6 +1918,9 @@ static void EnvQuery(Local<Name> property,
 
 static void EnvDeleter(Local<Name> property,
                        const PropertyCallbackInfo<Boolean>& info) {
+  Environment* env = Environment::GetCurrent(info);
+  THROW_IF_INSUFFICIENT_PERMISSIONS(env, setEnvironmentVariables);
+
   Mutex::ScopedLock lock(environ_mutex);
   if (property->IsString()) {
 #ifdef __POSIX__
@@ -2050,6 +2065,9 @@ static void DebugPortGetter(Local<Name> property,
 static void DebugPortSetter(Local<Name> property,
                             Local<Value> value,
                             const PropertyCallbackInfo<void>& info) {
+  Environment* env = Environment::GetCurrent(info);
+  THROW_IF_INSUFFICIENT_PERMISSIONS(env, setProcessAttrs);
+
   Mutex::ScopedLock lock(process_mutex);
   debug_options.set_port(value->Int32Value());
 }
@@ -2603,9 +2621,15 @@ static void PrintHelp() {
          "  --abort-on-uncaught-exception\n"
          "                             aborting instead of exiting causes a\n"
          "                             core file to be generated for analysis\n"
+         "  --disable=featureA,featureB,...\n"
+        "                              experimental support for\n"
+         "                             disabling individual features\n"
+         "                             by listing them on the command line\n"
 #if HAVE_OPENSSL && NODE_FIPS_MODE
          "  --enable-fips              enable FIPS crypto at startup\n"
 #endif  // NODE_FIPS_MODE && NODE_FIPS_MODE
+         "  --experimental-access-control     experimental support for\n"
+         "                                    disabling individual features\n"
          "  --experimental-modules     experimental ES Module support\n"
          "                             and caching modules\n"
          "  --experimental-repl-await  experimental await keyword support\n"
@@ -2773,7 +2797,9 @@ static void CheckIfAllowedInEnv(const char* exe, bool is_env,
   static const char* whitelist[] = {
     // Node options, sorted in `node --help` order for ease of comparison.
     // Please, update NODE_OPTIONS section in cli.md if changed.
+    "--disable",
     "--enable-fips",
+    "--experimental-access-control",
     "--experimental-modules",
     "--experimental-repl-await",
     "--experimental-vm-modules",
@@ -2970,6 +2996,18 @@ static void ParseArgs(int* argc,
       config_preserve_symlinks = true;
     } else if (strcmp(arg, "--preserve-symlinks-main") == 0) {
       config_preserve_symlinks_main = true;
+    } else if (strncmp(arg, "--disable=", 10) == 0) {
+      std::string unknown_item;
+      global_access_control.apply(
+          AccessControl::FromString(arg + 10, &unknown_item));
+      if (!unknown_item.empty()) {
+        fprintf(stderr, "%s: unknown --disable entry %s\n",
+                argv[0], unknown_item.c_str());
+        exit(9);
+      }
+      config_experimental_access_control = true;
+    } else if (strcmp(arg, "--experimental-access-control") == 0) {
+      config_experimental_access_control = true;
     } else if (strcmp(arg, "--experimental-modules") == 0) {
       config_experimental_modules = true;
     } else if (strcmp(arg, "--experimental-vm-modules") == 0) {
@@ -3069,6 +3107,12 @@ static void ParseArgs(int* argc,
     exit(9);
   }
 
+  if (config_experimental_access_control) {
+    fprintf(stderr,
+            "Warning: Access control through disabling features is "
+            "experimental and may be changed at any time.\n");
+  }
+
   // Copy remaining arguments.
   const unsigned int args_left = nargs - index;
 
@@ -3122,6 +3166,7 @@ void RegisterSignalHandler(int signal,
 
 void DebugProcess(const FunctionCallbackInfo<Value>& args) {
   Environment* env = Environment::GetCurrent(args);
+  THROW_IF_INSUFFICIENT_PERMISSIONS(env, signalProcesses);
 
   if (args.Length() != 1) {
     return env->ThrowError("Invalid number of arguments.");
@@ -3148,6 +3193,8 @@ static int GetDebugSignalHandlerMappingName(DWORD pid, wchar_t* buf,
 
 static void DebugProcess(const FunctionCallbackInfo<Value>& args) {
   Environment* env = Environment::GetCurrent(args);
+  THROW_IF_INSUFFICIENT_PERMISSIONS(env, signalProcesses);
+
   Isolate* isolate = args.GetIsolate();
   DWORD pid;
   HANDLE process = nullptr;
diff --git a/src/node_access_control.cc b/src/node_access_control.cc
new file mode 100644
index 00000000000000..59813bb7f94ed9
--- /dev/null
+++ b/src/node_access_control.cc
@@ -0,0 +1,141 @@
+#include "node_internals.h"
+#include "node_errors.h"
+#include "env-inl.h"
+
+using v8::Boolean;
+using v8::Context;
+using v8::EscapableHandleScope;
+using v8::FunctionCallbackInfo;
+using v8::HandleScope;
+using v8::Isolate;
+using v8::Just;
+using v8::Local;
+using v8::Maybe;
+using v8::MaybeLocal;
+using v8::Nothing;
+using v8::Object;
+using v8::Value;
+
+namespace node {
+
+MaybeLocal<Object> AccessControl::ToObject(Local<Context> context) {
+  Isolate* isolate = context->GetIsolate();
+  EscapableHandleScope handle_scope(isolate);
+
+  Local<Object> obj = Object::New(isolate);
+
+#define V(kind)                                                               \
+  if (obj->Set(context,                                                       \
+               FIXED_ONE_BYTE_STRING(isolate, #kind),                         \
+               Boolean::New(isolate, has_permission(kind))).IsNothing()) {    \
+    return MaybeLocal<Object>();                                              \
+  }
+  ACCESS_CONTROL_FLAGS(V)
+#undef V
+
+  return handle_scope.Escape(obj);
+}
+
+Maybe<AccessControl> AccessControl::FromObject(Local<Context> context,
+                                               Local<Object> obj) {
+  Isolate* isolate = context->GetIsolate();
+  HandleScope scope(isolate);
+
+  AccessControl ret;
+
+  Local<Value> field;
+#define V(kind)                                                               \
+  if (!obj->Get(context, FIXED_ONE_BYTE_STRING(isolate, #kind))               \
+          .ToLocal(&field)) {                                                 \
+    return Nothing<AccessControl>();                                          \
+  }                                                                           \
+  ret.set_permission(kind, !field->IsFalse());
+  ACCESS_CONTROL_FLAGS(V)
+#undef V
+
+  return Just(ret);
+}
+
+AccessControl AccessControl::FromString(const std::string& disabled_item_list,
+                                        std::string* unknown_item) {
+  AccessControl ret;
+
+  std::set<std::string> items = ParseCommaSeparatedSet(disabled_item_list);
+  for (const std::string& item : items) {
+    Permission perm = PermissionFromString(item.c_str());
+    if (perm != kNumPermissions) {
+      ret.set_permission(perm, false);
+      continue;
+    }
+    if (unknown_item != nullptr)
+      *unknown_item = item;
+  }
+
+  return ret;
+}
+
+AccessControl::Permission AccessControl::PermissionFromString(const char* str) {
+#define V(kind) if (strcmp(str, #kind) == 0) return kind;
+  ACCESS_CONTROL_FLAGS(V)
+#undef V
+  return kNumPermissions;
+}
+
+const char* AccessControl::PermissionToString(Permission perm) {
+  switch (perm) {
+#define V(kind) case kind: return #kind;
+    ACCESS_CONTROL_FLAGS(V)
+#undef V
+    default: return nullptr;
+  }
+}
+
+void AccessControl::ThrowAccessDenied(Environment* env, Permission perm) {
+  Local<Value> err = ERR_ACCESS_DENIED(env->isolate());
+  CHECK(err->IsObject());
+  err.As<Object>()->Set(
+      env->context(),
+      env->permission_string(),
+      v8::String::NewFromUtf8(env->isolate(),
+                              PermissionToString(perm),
+                              v8::NewStringType::kNormal).ToLocalChecked())
+          .FromMaybe(false);  // Nothing to do about an error at this point.
+  env->isolate()->ThrowException(err);
+}
+
+namespace ac {
+
+void Apply(const FunctionCallbackInfo<Value>& args) {
+  Environment* env = Environment::GetCurrent(args);
+
+  AccessControl access_control;
+  Local<Object> obj;
+  if (!args[0]->ToObject(env->context()).ToLocal(&obj) ||
+      !AccessControl::FromObject(env->context(), obj).To(&access_control)) {
+    return;
+  }
+
+  env->access_control()->apply(access_control);
+}
+
+void GetCurrent(const FunctionCallbackInfo<Value>& args) {
+  Environment* env = Environment::GetCurrent(args);
+
+  Local<Object> ret;
+  if (env->access_control()->ToObject(env->context()).ToLocal(&ret))
+    args.GetReturnValue().Set(ret);
+}
+
+void Initialize(Local<Object> target,
+                Local<Value> unused,
+                Local<Context> context,
+                void* priv) {
+  Environment* env = Environment::GetCurrent(context);
+  env->SetMethod(target, "apply", Apply);
+  env->SetMethod(target, "getCurrent", GetCurrent);
+}
+
+}  // namespace ac
+}  // namespace node
+
+NODE_MODULE_CONTEXT_AWARE_INTERNAL(access_control, node::ac::Initialize)
diff --git a/src/node_config.cc b/src/node_config.cc
index 62fd4ef81e093c..0a8bd2b3893e0c 100644
--- a/src/node_config.cc
+++ b/src/node_config.cc
@@ -81,6 +81,9 @@ static void Initialize(Local<Object> target,
   if (config_preserve_symlinks_main)
     READONLY_BOOLEAN_PROPERTY("preserveSymlinksMain");
 
+  if (config_experimental_access_control)
+    READONLY_BOOLEAN_PROPERTY("experimentalAccessControl");
+
   if (config_experimental_modules) {
     READONLY_BOOLEAN_PROPERTY("experimentalModules");
     if (!config_userland_loader.empty()) {
diff --git a/src/node_errors.h b/src/node_errors.h
index fdfb670af636af..047f67e76118ad 100644
--- a/src/node_errors.h
+++ b/src/node_errors.h
@@ -21,6 +21,7 @@ namespace node {
 // a `Local<Value>` containing the TypeError with proper code and message
 
 #define ERRORS_WITH_CODE(V)                                                  \
+  V(ERR_ACCESS_DENIED, Error)                                                \
   V(ERR_BUFFER_OUT_OF_BOUNDS, RangeError)                                    \
   V(ERR_BUFFER_TOO_LARGE, Error)                                             \
   V(ERR_CANNOT_TRANSFER_OBJECT, TypeError)                                   \
@@ -61,6 +62,7 @@ namespace node {
 // Errors with predefined static messages
 
 #define PREDEFINED_ERROR_MESSAGES(V)                                         \
+  V(ERR_ACCESS_DENIED, "Access to this API has been restricted")             \
   V(ERR_CANNOT_TRANSFER_OBJECT, "Cannot transfer object of unsupported type")\
   V(ERR_CLOSED_MESSAGE_PORT, "Cannot send data on closed MessagePort")       \
   V(ERR_CONSTRUCT_CALL_REQUIRED, "Cannot call constructor without `new`")    \
diff --git a/src/node_file.cc b/src/node_file.cc
index fb976a31a5b3c1..05b8bca022ab92 100644
--- a/src/node_file.cc
+++ b/src/node_file.cc
@@ -285,6 +285,8 @@ FileHandleReadWrap::FileHandleReadWrap(FileHandle* handle, Local<Object> obj)
 int FileHandle::ReadStart() {
   if (!IsAlive() || IsClosing())
     return UV_EOF;
+  if (!env()->access_control()->has_permission(AccessControl::fsRead))
+    return UV_EPERM;
 
   reading_ = true;
 
@@ -783,7 +785,7 @@ inline FSReqBase* GetReqWrap(Environment* env, Local<Value> value,
 
 void Access(const FunctionCallbackInfo<Value>& args) {
   Environment* env = Environment::GetCurrent(args.GetIsolate());
-  HandleScope scope(env->isolate());
+  THROW_IF_INSUFFICIENT_PERMISSIONS(env, fsRead);
 
   const int argc = args.Length();
   CHECK_GE(argc, 2);
@@ -836,6 +838,8 @@ void Close(const FunctionCallbackInfo<Value>& args) {
 // in the file.
 static void InternalModuleReadJSON(const FunctionCallbackInfo<Value>& args) {
   Environment* env = Environment::GetCurrent(args);
+  THROW_IF_INSUFFICIENT_PERMISSIONS(env, fsRead);
+
   uv_loop_t* loop = env->event_loop();
 
   CHECK(args[0]->IsString());
@@ -903,6 +907,7 @@ static void InternalModuleReadJSON(const FunctionCallbackInfo<Value>& args) {
 // The speedup comes from not creating thousands of Stat and Error objects.
 static void InternalModuleStat(const FunctionCallbackInfo<Value>& args) {
   Environment* env = Environment::GetCurrent(args);
+  THROW_IF_INSUFFICIENT_PERMISSIONS(env, fsRead);
 
   CHECK(args[0]->IsString());
   node::Utf8Value path(env->isolate(), args[0]);
@@ -920,6 +925,7 @@ static void InternalModuleStat(const FunctionCallbackInfo<Value>& args) {
 
 static void Stat(const FunctionCallbackInfo<Value>& args) {
   Environment* env = Environment::GetCurrent(args);
+  THROW_IF_INSUFFICIENT_PERMISSIONS(env, fsRead);
 
   const int argc = args.Length();
   CHECK_GE(argc, 2);
@@ -950,6 +956,7 @@ static void Stat(const FunctionCallbackInfo<Value>& args) {
 
 static void LStat(const FunctionCallbackInfo<Value>& args) {
   Environment* env = Environment::GetCurrent(args);
+  THROW_IF_INSUFFICIENT_PERMISSIONS(env, fsRead);
 
   const int argc = args.Length();
   CHECK_GE(argc, 3);
@@ -981,6 +988,7 @@ static void LStat(const FunctionCallbackInfo<Value>& args) {
 
 static void FStat(const FunctionCallbackInfo<Value>& args) {
   Environment* env = Environment::GetCurrent(args);
+  THROW_IF_INSUFFICIENT_PERMISSIONS(env, fsRead);
 
   const int argc = args.Length();
   CHECK_GE(argc, 2);
@@ -1011,6 +1019,7 @@ static void FStat(const FunctionCallbackInfo<Value>& args) {
 
 static void Symlink(const FunctionCallbackInfo<Value>& args) {
   Environment* env = Environment::GetCurrent(args);
+  THROW_IF_INSUFFICIENT_PERMISSIONS(env, fsWrite);
 
   int argc = args.Length();
   CHECK_GE(argc, 4);
@@ -1039,6 +1048,7 @@ static void Symlink(const FunctionCallbackInfo<Value>& args) {
 
 static void Link(const FunctionCallbackInfo<Value>& args) {
   Environment* env = Environment::GetCurrent(args);
+  THROW_IF_INSUFFICIENT_PERMISSIONS(env, fsWrite);
 
   int argc = args.Length();
   CHECK_GE(argc, 3);
@@ -1065,6 +1075,7 @@ static void Link(const FunctionCallbackInfo<Value>& args) {
 
 static void ReadLink(const FunctionCallbackInfo<Value>& args) {
   Environment* env = Environment::GetCurrent(args);
+  THROW_IF_INSUFFICIENT_PERMISSIONS(env, fsRead);
 
   int argc = args.Length();
   CHECK_GE(argc, 3);
@@ -1107,6 +1118,7 @@ static void ReadLink(const FunctionCallbackInfo<Value>& args) {
 
 static void Rename(const FunctionCallbackInfo<Value>& args) {
   Environment* env = Environment::GetCurrent(args);
+  THROW_IF_INSUFFICIENT_PERMISSIONS(env, fsWrite);
 
   int argc = args.Length();
   CHECK_GE(argc, 3);
@@ -1133,6 +1145,7 @@ static void Rename(const FunctionCallbackInfo<Value>& args) {
 
 static void FTruncate(const FunctionCallbackInfo<Value>& args) {
   Environment* env = Environment::GetCurrent(args);
+  THROW_IF_INSUFFICIENT_PERMISSIONS(env, fsWrite);
 
   const int argc = args.Length();
   CHECK_GE(argc, 3);
@@ -1159,6 +1172,7 @@ static void FTruncate(const FunctionCallbackInfo<Value>& args) {
 
 static void Fdatasync(const FunctionCallbackInfo<Value>& args) {
   Environment* env = Environment::GetCurrent(args);
+  THROW_IF_INSUFFICIENT_PERMISSIONS(env, fsWrite);
 
   const int argc = args.Length();
   CHECK_GE(argc, 2);
@@ -1181,6 +1195,7 @@ static void Fdatasync(const FunctionCallbackInfo<Value>& args) {
 
 static void Fsync(const FunctionCallbackInfo<Value>& args) {
   Environment* env = Environment::GetCurrent(args);
+  THROW_IF_INSUFFICIENT_PERMISSIONS(env, fsWrite);
 
   const int argc = args.Length();
   CHECK_GE(argc, 2);
@@ -1203,6 +1218,7 @@ static void Fsync(const FunctionCallbackInfo<Value>& args) {
 
 static void Unlink(const FunctionCallbackInfo<Value>& args) {
   Environment* env = Environment::GetCurrent(args);
+  THROW_IF_INSUFFICIENT_PERMISSIONS(env, fsWrite);
 
   const int argc = args.Length();
   CHECK_GE(argc, 2);
@@ -1225,6 +1241,7 @@ static void Unlink(const FunctionCallbackInfo<Value>& args) {
 
 static void RMDir(const FunctionCallbackInfo<Value>& args) {
   Environment* env = Environment::GetCurrent(args);
+  THROW_IF_INSUFFICIENT_PERMISSIONS(env, fsWrite);
 
   const int argc = args.Length();
   CHECK_GE(argc, 2);
@@ -1374,6 +1391,7 @@ int MKDirpAsync(uv_loop_t* loop,
 
 static void MKDir(const FunctionCallbackInfo<Value>& args) {
   Environment* env = Environment::GetCurrent(args);
+  THROW_IF_INSUFFICIENT_PERMISSIONS(env, fsWrite);
 
   const int argc = args.Length();
   CHECK_GE(argc, 4);
@@ -1408,6 +1426,7 @@ static void MKDir(const FunctionCallbackInfo<Value>& args) {
 
 static void RealPath(const FunctionCallbackInfo<Value>& args) {
   Environment* env = Environment::GetCurrent(args);
+  THROW_IF_INSUFFICIENT_PERMISSIONS(env, fsRead);
 
   const int argc = args.Length();
   CHECK_GE(argc, 3);
@@ -1451,6 +1470,7 @@ static void RealPath(const FunctionCallbackInfo<Value>& args) {
 
 static void ReadDir(const FunctionCallbackInfo<Value>& args) {
   Environment* env = Environment::GetCurrent(args);
+  THROW_IF_INSUFFICIENT_PERMISSIONS(env, fsRead);
 
   const int argc = args.Length();
   CHECK_GE(argc, 3);
@@ -1586,6 +1606,11 @@ static void Open(const FunctionCallbackInfo<Value>& args) {
   CHECK(args[1]->IsInt32());
   const int flags = args[1].As<Int32>()->Value();
 
+  THROW_IF_INSUFFICIENT_PERMISSIONS(env, fsRead);
+  if ((flags & (O_WRONLY | O_RDWR | O_APPEND | O_CREAT)) != 0) {
+    THROW_IF_INSUFFICIENT_PERMISSIONS(env, fsWrite);
+  }
+
   CHECK(args[2]->IsInt32());
   const int mode = args[2].As<Int32>()->Value();
 
@@ -1616,6 +1641,11 @@ static void OpenFileHandle(const FunctionCallbackInfo<Value>& args) {
   CHECK(args[1]->IsInt32());
   const int flags = args[1].As<Int32>()->Value();
 
+  THROW_IF_INSUFFICIENT_PERMISSIONS(env, fsRead);
+  if ((flags & (O_WRONLY | O_RDWR | O_APPEND | O_CREAT)) != 0) {
+    THROW_IF_INSUFFICIENT_PERMISSIONS(env, fsWrite);
+  }
+
   CHECK(args[2]->IsInt32());
   const int mode = args[2].As<Int32>()->Value();
 
@@ -1641,6 +1671,7 @@ static void OpenFileHandle(const FunctionCallbackInfo<Value>& args) {
 
 static void CopyFile(const FunctionCallbackInfo<Value>& args) {
   Environment* env = Environment::GetCurrent(args);
+  THROW_IF_INSUFFICIENT_PERMISSIONS(env, fsWrite);
 
   const int argc = args.Length();
   CHECK_GE(argc, 3);
@@ -1681,7 +1712,7 @@ static void CopyFile(const FunctionCallbackInfo<Value>& args) {
 //             if null, write from the current position
 static void WriteBuffer(const FunctionCallbackInfo<Value>& args) {
   Environment* env = Environment::GetCurrent(args);
-
+  THROW_IF_INSUFFICIENT_PERMISSIONS(env, fsWrite);
   const int argc = args.Length();
   CHECK_GE(argc, 4);
 
@@ -1733,6 +1764,7 @@ static void WriteBuffer(const FunctionCallbackInfo<Value>& args) {
 //             if null, write from the current position
 static void WriteBuffers(const FunctionCallbackInfo<Value>& args) {
   Environment* env = Environment::GetCurrent(args);
+  THROW_IF_INSUFFICIENT_PERMISSIONS(env, fsWrite);
 
   const int argc = args.Length();
   CHECK_GE(argc, 3);
@@ -1779,6 +1811,7 @@ static void WriteBuffers(const FunctionCallbackInfo<Value>& args) {
 // 3 enc       encoding of string
 static void WriteString(const FunctionCallbackInfo<Value>& args) {
   Environment* env = Environment::GetCurrent(args);
+  THROW_IF_INSUFFICIENT_PERMISSIONS(env, fsWrite);
 
   const int argc = args.Length();
   CHECK_GE(argc, 4);
@@ -1879,6 +1912,7 @@ static void WriteString(const FunctionCallbackInfo<Value>& args) {
  */
 static void Read(const FunctionCallbackInfo<Value>& args) {
   Environment* env = Environment::GetCurrent(args);
+  THROW_IF_INSUFFICIENT_PERMISSIONS(env, fsRead);
 
   const int argc = args.Length();
   CHECK_GE(argc, 5);
@@ -1926,6 +1960,7 @@ static void Read(const FunctionCallbackInfo<Value>& args) {
  */
 static void Chmod(const FunctionCallbackInfo<Value>& args) {
   Environment* env = Environment::GetCurrent(args);
+  THROW_IF_INSUFFICIENT_PERMISSIONS(env, fsWrite);
 
   const int argc = args.Length();
   CHECK_GE(argc, 2);
@@ -1956,6 +1991,7 @@ static void Chmod(const FunctionCallbackInfo<Value>& args) {
  */
 static void FChmod(const FunctionCallbackInfo<Value>& args) {
   Environment* env = Environment::GetCurrent(args);
+  THROW_IF_INSUFFICIENT_PERMISSIONS(env, fsWrite);
 
   const int argc = args.Length();
   CHECK_GE(argc, 2);
@@ -1986,6 +2022,7 @@ static void FChmod(const FunctionCallbackInfo<Value>& args) {
  */
 static void Chown(const FunctionCallbackInfo<Value>& args) {
   Environment* env = Environment::GetCurrent(args);
+  THROW_IF_INSUFFICIENT_PERMISSIONS(env, fsWrite);
 
   const int argc = args.Length();
   CHECK_GE(argc, 3);
@@ -2019,6 +2056,7 @@ static void Chown(const FunctionCallbackInfo<Value>& args) {
  */
 static void FChown(const FunctionCallbackInfo<Value>& args) {
   Environment* env = Environment::GetCurrent(args);
+  THROW_IF_INSUFFICIENT_PERMISSIONS(env, fsWrite);
 
   const int argc = args.Length();
   CHECK_GE(argc, 3);
@@ -2049,6 +2087,7 @@ static void FChown(const FunctionCallbackInfo<Value>& args) {
 
 static void LChown(const FunctionCallbackInfo<Value>& args) {
   Environment* env = Environment::GetCurrent(args);
+  THROW_IF_INSUFFICIENT_PERMISSIONS(env, fsWrite);
 
   const int argc = args.Length();
   CHECK_GE(argc, 3);
@@ -2079,6 +2118,7 @@ static void LChown(const FunctionCallbackInfo<Value>& args) {
 
 static void UTimes(const FunctionCallbackInfo<Value>& args) {
   Environment* env = Environment::GetCurrent(args);
+  THROW_IF_INSUFFICIENT_PERMISSIONS(env, fsWrite);
 
   const int argc = args.Length();
   CHECK_GE(argc, 3);
@@ -2108,6 +2148,7 @@ static void UTimes(const FunctionCallbackInfo<Value>& args) {
 
 static void FUTimes(const FunctionCallbackInfo<Value>& args) {
   Environment* env = Environment::GetCurrent(args);
+  THROW_IF_INSUFFICIENT_PERMISSIONS(env, fsWrite);
 
   const int argc = args.Length();
   CHECK_GE(argc, 3);
@@ -2137,6 +2178,7 @@ static void FUTimes(const FunctionCallbackInfo<Value>& args) {
 
 static void Mkdtemp(const FunctionCallbackInfo<Value>& args) {
   Environment* env = Environment::GetCurrent(args);
+  THROW_IF_INSUFFICIENT_PERMISSIONS(env, fsWrite);
 
   const int argc = args.Length();
   CHECK_GE(argc, 2);
diff --git a/src/node_internals.h b/src/node_internals.h
index 968d229f1001a7..12c7373d44bc76 100644
--- a/src/node_internals.h
+++ b/src/node_internals.h
@@ -105,6 +105,7 @@ struct sockaddr;
 // node is built as static library. No need to depends on the
 // __attribute__((constructor)) like mechanism in GCC.
 #define NODE_BUILTIN_STANDARD_MODULES(V)                                      \
+    V(access_control)                                                         \
     V(async_wrap)                                                             \
     V(buffer)                                                                 \
     V(cares_wrap)                                                             \
@@ -185,6 +186,12 @@ extern bool config_preserve_symlinks;
 // that is used by lib/module.js
 extern bool config_preserve_symlinks_main;
 
+// Set in node.cc by ParseArgs when --experimental-access-control is used.
+// Used in node_config.cc to set a constant on process.binding('config')
+// that is used by the bootstrapper.
+extern bool config_experimental_access_control;
+extern AccessControl global_access_control;
+
 // Set in node.cc by ParseArgs when --experimental-modules is used.
 // Used in node_config.cc to set a constant on process.binding('config')
 // that is used by lib/module.js
diff --git a/src/node_os.cc b/src/node_os.cc
index c9eef808b0addf..bdbf65f9522e51 100644
--- a/src/node_os.cc
+++ b/src/node_os.cc
@@ -321,6 +321,7 @@ static void GetInterfaceAddresses(const FunctionCallbackInfo<Value>& args) {
 
 static void GetHomeDirectory(const FunctionCallbackInfo<Value>& args) {
   Environment* env = Environment::GetCurrent(args);
+  THROW_IF_INSUFFICIENT_PERMISSIONS(env, fsRead);
   char buf[PATH_MAX];
 
   size_t len = sizeof(buf);
@@ -342,6 +343,7 @@ static void GetHomeDirectory(const FunctionCallbackInfo<Value>& args) {
 
 static void GetUserInfo(const FunctionCallbackInfo<Value>& args) {
   Environment* env = Environment::GetCurrent(args);
+  THROW_IF_INSUFFICIENT_PERMISSIONS(env, fsRead);
   uv_passwd_t pwd;
   enum encoding encoding;
 
diff --git a/src/node_process.cc b/src/node_process.cc
index d816c32f8dd298..9a12bf9427a26f 100644
--- a/src/node_process.cc
+++ b/src/node_process.cc
@@ -60,6 +60,7 @@ void Abort(const FunctionCallbackInfo<Value>& args) {
 
 void Chdir(const FunctionCallbackInfo<Value>& args) {
   Environment* env = Environment::GetCurrent(args);
+  THROW_IF_INSUFFICIENT_PERMISSIONS(env, setProcessAttrs);
   CHECK(env->is_main_thread());
 
   CHECK_EQ(args.Length(), 1);
@@ -150,6 +151,7 @@ void HrtimeBigInt(const FunctionCallbackInfo<Value>& args) {
 
 void Kill(const FunctionCallbackInfo<Value>& args) {
   Environment* env = Environment::GetCurrent(args);
+  THROW_IF_INSUFFICIENT_PERMISSIONS(env, signalProcesses);
 
   if (args.Length() != 2)
     return env->ThrowError("Bad argument.");
@@ -364,6 +366,7 @@ void GetEGid(const FunctionCallbackInfo<Value>& args) {
 void SetGid(const FunctionCallbackInfo<Value>& args) {
   Environment* env = Environment::GetCurrent(args);
   CHECK(env->is_main_thread());
+  THROW_IF_INSUFFICIENT_PERMISSIONS(env, setProcessAttrs);
 
   CHECK_EQ(args.Length(), 1);
   CHECK(args[0]->IsUint32() || args[0]->IsString());
@@ -384,6 +387,7 @@ void SetGid(const FunctionCallbackInfo<Value>& args) {
 void SetEGid(const FunctionCallbackInfo<Value>& args) {
   Environment* env = Environment::GetCurrent(args);
   CHECK(env->is_main_thread());
+  THROW_IF_INSUFFICIENT_PERMISSIONS(env, setProcessAttrs);
 
   CHECK_EQ(args.Length(), 1);
   CHECK(args[0]->IsUint32() || args[0]->IsString());
@@ -403,6 +407,7 @@ void SetEGid(const FunctionCallbackInfo<Value>& args) {
 
 void SetUid(const FunctionCallbackInfo<Value>& args) {
   Environment* env = Environment::GetCurrent(args);
+  THROW_IF_INSUFFICIENT_PERMISSIONS(env, setProcessAttrs);
   CHECK(env->is_main_thread());
 
   CHECK_EQ(args.Length(), 1);
@@ -423,6 +428,7 @@ void SetUid(const FunctionCallbackInfo<Value>& args) {
 
 void SetEUid(const FunctionCallbackInfo<Value>& args) {
   Environment* env = Environment::GetCurrent(args);
+  THROW_IF_INSUFFICIENT_PERMISSIONS(env, setProcessAttrs);
   CHECK(env->is_main_thread());
 
   CHECK_EQ(args.Length(), 1);
@@ -479,6 +485,7 @@ void GetGroups(const FunctionCallbackInfo<Value>& args) {
 
 void SetGroups(const FunctionCallbackInfo<Value>& args) {
   Environment* env = Environment::GetCurrent(args);
+  THROW_IF_INSUFFICIENT_PERMISSIONS(env, setProcessAttrs);
 
   CHECK_EQ(args.Length(), 1);
   CHECK(args[0]->IsArray());
@@ -512,6 +519,7 @@ void SetGroups(const FunctionCallbackInfo<Value>& args) {
 
 void InitGroups(const FunctionCallbackInfo<Value>& args) {
   Environment* env = Environment::GetCurrent(args);
+  THROW_IF_INSUFFICIENT_PERMISSIONS(env, setProcessAttrs);
 
   CHECK_EQ(args.Length(), 2);
   CHECK(args[0]->IsUint32() || args[0]->IsString());
diff --git a/src/node_stat_watcher.cc b/src/node_stat_watcher.cc
index 5e47476fd97a0c..faf7a334c83310 100644
--- a/src/node_stat_watcher.cc
+++ b/src/node_stat_watcher.cc
@@ -97,11 +97,14 @@ void StatWatcher::Callback(uv_fs_poll_t* handle,
 void StatWatcher::New(const FunctionCallbackInfo<Value>& args) {
   CHECK(args.IsConstructCall());
   Environment* env = Environment::GetCurrent(args);
+  THROW_IF_INSUFFICIENT_PERMISSIONS(env, fsRead);
   new StatWatcher(env, args.This(), args[0]->IsTrue());
 }
 
 // wrap.start(filename, interval)
 void StatWatcher::Start(const FunctionCallbackInfo<Value>& args) {
+  Environment* env = Environment::GetCurrent(args);
+  THROW_IF_INSUFFICIENT_PERMISSIONS(env, fsRead);
   CHECK_EQ(args.Length(), 2);
 
   StatWatcher* wrap;
diff --git a/src/node_trace_events.cc b/src/node_trace_events.cc
index 6e70cfce7bed2e..c19cb0b2b3e9ec 100644
--- a/src/node_trace_events.cc
+++ b/src/node_trace_events.cc
@@ -63,6 +63,7 @@ void NodeCategorySet::New(const FunctionCallbackInfo<Value>& args) {
 
 void NodeCategorySet::Enable(const FunctionCallbackInfo<Value>& args) {
   Environment* env = Environment::GetCurrent(args);
+  THROW_IF_INSUFFICIENT_PERMISSIONS(env, modifyTraceEvents);
   NodeCategorySet* category_set;
   ASSIGN_OR_RETURN_UNWRAP(&category_set, args.Holder());
   CHECK_NOT_NULL(category_set);
@@ -75,6 +76,7 @@ void NodeCategorySet::Enable(const FunctionCallbackInfo<Value>& args) {
 
 void NodeCategorySet::Disable(const FunctionCallbackInfo<Value>& args) {
   Environment* env = Environment::GetCurrent(args);
+  THROW_IF_INSUFFICIENT_PERMISSIONS(env, modifyTraceEvents);
   NodeCategorySet* category_set;
   ASSIGN_OR_RETURN_UNWRAP(&category_set, args.Holder());
   CHECK_NOT_NULL(category_set);
diff --git a/src/node_v8.cc b/src/node_v8.cc
index fb0a9fea1e5d27..52f2a4cdf736de 100644
--- a/src/node_v8.cc
+++ b/src/node_v8.cc
@@ -111,6 +111,9 @@ void UpdateHeapSpaceStatisticsBuffer(const FunctionCallbackInfo<Value>& args) {
 
 
 void SetFlagsFromString(const FunctionCallbackInfo<Value>& args) {
+  Environment* env = Environment::GetCurrent(args);
+  THROW_IF_INSUFFICIENT_PERMISSIONS(env, setV8Flags);
+
   CHECK(args[0]->IsString());
   String::Utf8Value flags(args.GetIsolate(), args[0]);
   V8::SetFlagsFromString(*flags, flags.length());
diff --git a/src/node_worker.cc b/src/node_worker.cc
index 06edb96804119b..c94ae637296ee6 100644
--- a/src/node_worker.cc
+++ b/src/node_worker.cc
@@ -103,6 +103,7 @@ Worker::Worker(Environment* env, Local<Object> wrap)
     env_->set_abort_on_uncaught_exception(false);
     env_->set_worker_context(this);
     env_->set_thread_id(thread_id_);
+    env_->access_control()->apply(*env->access_control());
 
     env_->Start(0, nullptr, 0, nullptr, env->profiler_idle_notifier_started());
   }
@@ -340,6 +341,7 @@ Worker::~Worker() {
 
 void Worker::New(const FunctionCallbackInfo<Value>& args) {
   Environment* env = Environment::GetCurrent(args);
+  THROW_IF_INSUFFICIENT_PERMISSIONS(env, createWorkers);
 
   CHECK(args.IsConstructCall());
 
@@ -351,6 +353,22 @@ void Worker::New(const FunctionCallbackInfo<Value>& args) {
   new Worker(env, args.This());
 }
 
+void Worker::ApplyAccessControl(const FunctionCallbackInfo<Value>& args) {
+  Worker* w;
+  ASSIGN_OR_RETURN_UNWRAP(&w, args.This());
+  CHECK(w->stopped_);
+
+  AccessControl access_control;
+  Local<Object> obj;
+  if (!args[0]->ToObject(w->env()->context()).ToLocal(&obj) ||
+      !AccessControl::FromObject(w->env()->context(), obj)
+          .To(&access_control)) {
+    return;
+  }
+
+  w->env_->access_control()->apply(access_control);
+}
+
 void Worker::StartThread(const FunctionCallbackInfo<Value>& args) {
   Worker* w;
   ASSIGN_OR_RETURN_UNWRAP(&w, args.This());
@@ -432,6 +450,7 @@ void InitWorker(Local<Object> target,
     env->SetProtoMethod(w, "stopThread", Worker::StopThread);
     env->SetProtoMethod(w, "ref", Worker::Ref);
     env->SetProtoMethod(w, "unref", Worker::Unref);
+    env->SetProtoMethod(w, "applyAccessControl", Worker::ApplyAccessControl);
 
     Local<String> workerString =
         FIXED_ONE_BYTE_STRING(env->isolate(), "Worker");
diff --git a/src/node_worker.h b/src/node_worker.h
index 33df36e04ce670..2b6e1b3c09aa72 100644
--- a/src/node_worker.h
+++ b/src/node_worker.h
@@ -39,6 +39,8 @@ class Worker : public AsyncWrap {
   bool is_stopped() const;
 
   static void New(const v8::FunctionCallbackInfo<v8::Value>& args);
+  static void ApplyAccessControl(
+      const v8::FunctionCallbackInfo<v8::Value>& args);
   static void StartThread(const v8::FunctionCallbackInfo<v8::Value>& args);
   static void StopThread(const v8::FunctionCallbackInfo<v8::Value>& args);
   static void GetMessagePort(const v8::FunctionCallbackInfo<v8::Value>& args);
diff --git a/src/pipe_wrap.cc b/src/pipe_wrap.cc
index a6044b6b267e47..e29baae3265b8f 100644
--- a/src/pipe_wrap.cc
+++ b/src/pipe_wrap.cc
@@ -163,6 +163,7 @@ PipeWrap::PipeWrap(Environment* env,
 void PipeWrap::Bind(const FunctionCallbackInfo<Value>& args) {
   PipeWrap* wrap;
   ASSIGN_OR_RETURN_UNWRAP(&wrap, args.Holder());
+  THROW_IF_INSUFFICIENT_PERMISSIONS(wrap->env(), fsWrite);
   node::Utf8Value name(args.GetIsolate(), args[0]);
   int err = uv_pipe_bind(&wrap->handle_, *name);
   args.GetReturnValue().Set(err);
@@ -182,6 +183,7 @@ void PipeWrap::SetPendingInstances(const FunctionCallbackInfo<Value>& args) {
 void PipeWrap::Fchmod(const v8::FunctionCallbackInfo<v8::Value>& args) {
   PipeWrap* wrap;
   ASSIGN_OR_RETURN_UNWRAP(&wrap, args.Holder());
+  THROW_IF_INSUFFICIENT_PERMISSIONS(wrap->env(), fsWrite);
   CHECK(args[0]->IsInt32());
   int mode = args[0].As<Int32>()->Value();
   int err = uv_pipe_chmod(reinterpret_cast<uv_pipe_t*>(&wrap->handle_),
@@ -193,6 +195,7 @@ void PipeWrap::Fchmod(const v8::FunctionCallbackInfo<v8::Value>& args) {
 void PipeWrap::Listen(const FunctionCallbackInfo<Value>& args) {
   PipeWrap* wrap;
   ASSIGN_OR_RETURN_UNWRAP(&wrap, args.Holder());
+  THROW_IF_INSUFFICIENT_PERMISSIONS(wrap->env(), fsWrite);
   int backlog = args[0]->Int32Value();
   int err = uv_listen(reinterpret_cast<uv_stream_t*>(&wrap->handle_),
                       backlog,
@@ -206,6 +209,7 @@ void PipeWrap::Open(const FunctionCallbackInfo<Value>& args) {
 
   PipeWrap* wrap;
   ASSIGN_OR_RETURN_UNWRAP(&wrap, args.Holder());
+  THROW_IF_INSUFFICIENT_PERMISSIONS(wrap->env(), fsWrite);
 
   int fd = args[0]->Int32Value();
 
@@ -222,6 +226,7 @@ void PipeWrap::Connect(const FunctionCallbackInfo<Value>& args) {
 
   PipeWrap* wrap;
   ASSIGN_OR_RETURN_UNWRAP(&wrap, args.Holder());
+  THROW_IF_INSUFFICIENT_PERMISSIONS(wrap->env(), fsWrite);
 
   CHECK(args[0]->IsObject());
   CHECK(args[1]->IsString());
diff --git a/src/process_wrap.cc b/src/process_wrap.cc
index b54e17f21192d8..a7e01a01e84cbb 100644
--- a/src/process_wrap.cc
+++ b/src/process_wrap.cc
@@ -21,6 +21,7 @@
 
 #include "env-inl.h"
 #include "handle_wrap.h"
+#include "node_errors.h"
 #include "node_internals.h"
 #include "node_wrap.h"
 #include "stream_base-inl.h"
@@ -141,6 +142,8 @@ class ProcessWrap : public HandleWrap {
 
   static void Spawn(const FunctionCallbackInfo<Value>& args) {
     Environment* env = Environment::GetCurrent(args);
+    THROW_IF_INSUFFICIENT_PERMISSIONS(env, childProcesses);
+
     Local<Context> context = env->context();
     ProcessWrap* wrap;
     ASSIGN_OR_RETURN_UNWRAP(&wrap, args.Holder());
@@ -282,6 +285,8 @@ class ProcessWrap : public HandleWrap {
 
   static void Kill(const FunctionCallbackInfo<Value>& args) {
     Environment* env = Environment::GetCurrent(args);
+    THROW_IF_INSUFFICIENT_PERMISSIONS(env, signalProcesses);
+
     ProcessWrap* wrap;
     ASSIGN_OR_RETURN_UNWRAP(&wrap, args.Holder());
     int signal = args[0]->Int32Value(env->context()).FromJust();
diff --git a/src/spawn_sync.cc b/src/spawn_sync.cc
index 1e966e42c68ce6..6bc60709d77dac 100644
--- a/src/spawn_sync.cc
+++ b/src/spawn_sync.cc
@@ -370,6 +370,7 @@ void SyncProcessRunner::Initialize(Local<Object> target,
 
 void SyncProcessRunner::Spawn(const FunctionCallbackInfo<Value>& args) {
   Environment* env = Environment::GetCurrent(args);
+  THROW_IF_INSUFFICIENT_PERMISSIONS(env, childProcesses);
   env->PrintSyncTrace();
   SyncProcessRunner p(env);
   Local<Value> result = p.Run(args[0]);
diff --git a/src/tcp_wrap.cc b/src/tcp_wrap.cc
index e817087d97110b..39eaa19929daf4 100644
--- a/src/tcp_wrap.cc
+++ b/src/tcp_wrap.cc
@@ -204,6 +204,14 @@ void TCPWrap::Open(const FunctionCallbackInfo<Value>& args) {
   ASSIGN_OR_RETURN_UNWRAP(&wrap,
                           args.Holder(),
                           args.GetReturnValue().Set(UV_EBADF));
+
+  AccessControl* ac = wrap->env()->access_control();
+  if (!ac->has_permission(AccessControl::netIncoming) ||
+      !ac->has_permission(AccessControl::netOutgoing)) {
+    args.GetReturnValue().Set(UV_EPERM);
+    return;
+  }
+
   int fd = static_cast<int>(args[0]->IntegerValue());
   int err = uv_tcp_open(&wrap->handle_, fd);
 
@@ -219,6 +227,13 @@ void TCPWrap::Bind(const FunctionCallbackInfo<Value>& args) {
   ASSIGN_OR_RETURN_UNWRAP(&wrap,
                           args.Holder(),
                           args.GetReturnValue().Set(UV_EBADF));
+
+  AccessControl* ac = wrap->env()->access_control();
+  if (!ac->has_permission(AccessControl::netIncoming)) {
+    args.GetReturnValue().Set(UV_EPERM);
+    return;
+  }
+
   node::Utf8Value ip_address(args.GetIsolate(), args[0]);
   int port = args[1]->Int32Value();
   sockaddr_in addr;
@@ -237,6 +252,13 @@ void TCPWrap::Bind6(const FunctionCallbackInfo<Value>& args) {
   ASSIGN_OR_RETURN_UNWRAP(&wrap,
                           args.Holder(),
                           args.GetReturnValue().Set(UV_EBADF));
+
+  AccessControl* ac = wrap->env()->access_control();
+  if (!ac->has_permission(AccessControl::netIncoming)) {
+    args.GetReturnValue().Set(UV_EPERM);
+    return;
+  }
+
   node::Utf8Value ip6_address(args.GetIsolate(), args[0]);
   int port = args[1]->Int32Value();
   sockaddr_in6 addr;
@@ -255,6 +277,13 @@ void TCPWrap::Listen(const FunctionCallbackInfo<Value>& args) {
   ASSIGN_OR_RETURN_UNWRAP(&wrap,
                           args.Holder(),
                           args.GetReturnValue().Set(UV_EBADF));
+
+  AccessControl* ac = wrap->env()->access_control();
+  if (!ac->has_permission(AccessControl::netIncoming)) {
+    args.GetReturnValue().Set(UV_EPERM);
+    return;
+  }
+
   int backlog = args[0]->Int32Value();
   int err = uv_listen(reinterpret_cast<uv_stream_t*>(&wrap->handle_),
                       backlog,
@@ -271,6 +300,12 @@ void TCPWrap::Connect(const FunctionCallbackInfo<Value>& args) {
                           args.Holder(),
                           args.GetReturnValue().Set(UV_EBADF));
 
+  AccessControl* ac = wrap->env()->access_control();
+  if (!ac->has_permission(AccessControl::netOutgoing)) {
+    args.GetReturnValue().Set(UV_EPERM);
+    return;
+  }
+
   CHECK(args[0]->IsObject());
   CHECK(args[1]->IsString());
   CHECK(args[2]->IsUint32());
@@ -306,6 +341,12 @@ void TCPWrap::Connect6(const FunctionCallbackInfo<Value>& args) {
                           args.Holder(),
                           args.GetReturnValue().Set(UV_EBADF));
 
+  AccessControl* ac = wrap->env()->access_control();
+  if (!ac->has_permission(AccessControl::netOutgoing)) {
+    args.GetReturnValue().Set(UV_EPERM);
+    return;
+  }
+
   CHECK(args[0]->IsObject());
   CHECK(args[1]->IsString());
   CHECK(args[2]->IsUint32());
diff --git a/src/udp_wrap.cc b/src/udp_wrap.cc
index 9bcf6ceb7b3ed2..9421a50bb1dc00 100644
--- a/src/udp_wrap.cc
+++ b/src/udp_wrap.cc
@@ -175,6 +175,7 @@ void UDPWrap::DoBind(const FunctionCallbackInfo<Value>& args, int family) {
   ASSIGN_OR_RETURN_UNWRAP(&wrap,
                           args.Holder(),
                           args.GetReturnValue().Set(UV_EBADF));
+  THROW_IF_INSUFFICIENT_PERMISSIONS(wrap->env(), netConnectionless);
 
   // bind(ip, port, flags)
   CHECK_EQ(args.Length(), 3);
@@ -340,6 +341,7 @@ void UDPWrap::DoSend(const FunctionCallbackInfo<Value>& args, int family) {
   ASSIGN_OR_RETURN_UNWRAP(&wrap,
                           args.Holder(),
                           args.GetReturnValue().Set(UV_EBADF));
+  THROW_IF_INSUFFICIENT_PERMISSIONS(wrap->env(), netConnectionless);
 
   // send(req, list, list.length, port, address, hasCallback)
   CHECK(args[0]->IsObject());
@@ -425,6 +427,8 @@ void UDPWrap::RecvStart(const FunctionCallbackInfo<Value>& args) {
   ASSIGN_OR_RETURN_UNWRAP(&wrap,
                           args.Holder(),
                           args.GetReturnValue().Set(UV_EBADF));
+  THROW_IF_INSUFFICIENT_PERMISSIONS(wrap->env(), netConnectionless);
+
   int err = uv_udp_recv_start(&wrap->handle_, OnAlloc, OnRecv);
   // UV_EALREADY means that the socket is already bound but that's okay
   if (err == UV_EALREADY)
diff --git a/test/parallel/test-access-control.js b/test/parallel/test-access-control.js
new file mode 100644
index 00000000000000..37b3e7600b1da3
--- /dev/null
+++ b/test/parallel/test-access-control.js
@@ -0,0 +1,160 @@
+// Flags: --experimental-access-control
+'use strict';
+const common = require('../common');
+const tmpdir = require('../common/tmpdir');
+const assert = require('assert');
+const path = require('path');
+const fs = require('fs');
+const net = require('net');
+
+tmpdir.refresh();
+
+assert.deepStrictEqual(process.accessControl.getCurrent(), {
+  accessInspectorBindings: true,
+  childProcesses: true,
+  createWorkers: true,
+  fsRead: true,
+  fsWrite: true,
+  loadAddons: true,
+  modifyTraceEvents: true,
+  netConnectionless: true,
+  netIncoming: true,
+  netOutgoing: true,
+  setEnvironmentVariables: true,
+  setProcessAttrs: true,
+  setV8Flags: true,
+  signalProcesses: true
+});
+
+{
+  process.accessControl.apply({ setEnvironmentVariables: false });
+
+  assert.strictEqual(process.env.CANT_SET_ME, undefined);
+
+  common.expectsError(() => { process.env.CANT_SET_ME = 'bar'; }, {
+    type: Error,
+    message: 'Access to this API has been restricted',
+    code: 'ERR_ACCESS_DENIED'
+  });
+
+  assert.strictEqual(process.env.CANT_SET_ME, undefined);
+
+  assert.strictEqual(process.accessControl.getCurrent().setEnvironmentVariables,
+                     false);
+
+  // Setting any other permission to 'false' will also disable child processes
+  // or loading addons.
+  assert.strictEqual(process.accessControl.getCurrent().childProcesses,
+                     false);
+  assert.strictEqual(process.accessControl.getCurrent().loadAddons,
+                     false);
+
+  // Setting values previously set to 'false' back to 'true' should not work.
+  process.accessControl.apply({ setEnvironmentVariables: true });
+  assert.strictEqual(process.accessControl.getCurrent().setEnvironmentVariables,
+                     false);
+
+  process.accessControl.apply({ childProcesses: true });
+  assert.strictEqual(process.accessControl.getCurrent().childProcesses,
+                     false);
+}
+
+if (common.isMainThread) {
+  process.accessControl.apply({ setProcessAttrs: false });
+
+  common.expectsError(() => { process.title = 'doesntwork'; }, {
+    type: Error,
+    message: 'Access to this API has been restricted',
+    code: 'ERR_ACCESS_DENIED'
+  });
+}
+
+{
+  // Spin up echo server.
+  const server = net.createServer((sock) => sock.pipe(sock))
+    .listen(0, common.mustCall(() => {
+      const existingSocket = net.connect(server.address().port, '127.0.0.1');
+      existingSocket.once('connect', common.mustCall(() => {
+        process.accessControl.apply({ netOutgoing: false });
+
+        existingSocket.write('foo');
+        existingSocket.setEncoding('utf8');
+        existingSocket.once('data', common.mustCall((data) => {
+          assert.strictEqual(data, 'foo');
+          existingSocket.end();
+          server.close();
+        }));
+
+        net.connect(server.address().port, '127.0.0.1')
+          .once('error', common.expectsError({
+            type: Error,
+            message: /connect EPERM 127\.0\.0\.1:\d+/,
+            code: 'EPERM'
+          }));
+      }));
+    }));
+}
+
+{
+  process.accessControl.apply({ netIncoming: false });
+
+  net.createServer().listen(0).once('error', common.expectsError({
+    type: Error,
+    message: /listen EPERM 0\.0\.0\.0/,
+    code: 'EPERM'
+  }));
+}
+
+{
+  const writeStream = fs.createWriteStream(
+    path.join(tmpdir.path, 'writable-stream.txt'));
+
+  process.accessControl.apply({ fsWrite: false });
+
+  common.expectsError(() => { fs.writeFileSync('foo.txt', 'blah'); }, {
+    type: Error,
+    message: 'Access to this API has been restricted',
+    code: 'ERR_ACCESS_DENIED'
+  });
+
+  // The 'open' event is emitted because permissions were still available
+  // originally, but...
+  writeStream.on('open', common.mustCall(() => {
+    // ... actually writing data is forbidden.
+    common.expectsError(() => { writeStream.write('X'); }, {
+      type: Error,
+      message: 'Access to this API has been restricted',
+      code: 'ERR_ACCESS_DENIED'
+    });
+  }));
+}
+
+{
+  const readStream = fs.createReadStream(__filename);
+
+  // The fs module kicks off reading automatically by calling .read().
+  // We want to intercept the exception, so we have to wrap .read():
+  readStream.read = common.mustCall(() => {
+    common.expectsError(() => {
+      fs.ReadStream.prototype.read.call(readStream);
+    }, {
+      type: Error,
+      message: 'Access to this API has been restricted',
+      code: 'ERR_ACCESS_DENIED'
+    });
+  });
+
+  process.accessControl.apply({ fsRead: false });
+
+  common.expectsError(() => { fs.readFileSync('foo.txt'); }, {
+    type: Error,
+    message: 'Access to this API has been restricted',
+    code: 'ERR_ACCESS_DENIED'
+  });
+
+  common.expectsError(() => { require('nonexistent.js'); }, {
+    type: Error,
+    message: 'Access to this API has been restricted',
+    code: 'ERR_ACCESS_DENIED'
+  });
+}
diff --git a/test/parallel/test-cli-access-control.js b/test/parallel/test-cli-access-control.js
new file mode 100644
index 00000000000000..96ceb6ca4f6c71
--- /dev/null
+++ b/test/parallel/test-cli-access-control.js
@@ -0,0 +1,46 @@
+'use strict';
+require('../common');
+const assert = require('assert');
+const { spawnSync } = require('child_process');
+
+assert.strictEqual(
+  spawnSync(process.execPath, ['-p', 'process.accessControl'])
+    .stdout.toString().trim(), 'undefined');
+
+{
+  const { stdout, stderr } = spawnSync(
+    process.execPath,
+    ['--experimental-access-control', '-p', 'process.accessControl.apply']);
+  assert.strictEqual(stdout.toString().trim(), '[Function: apply]');
+  assert.strictEqual(
+    stderr.toString().trim(),
+    'Warning: Access control through disabling features is experimental and ' +
+    'may be changed at any time.');
+}
+
+{
+  const { stdout, stderr } = spawnSync(
+    process.execPath,
+    ['--disable=fsRead', '-p', 'process.accessControl.apply']);
+  assert.strictEqual(stdout.toString().trim(), '[Function: apply]');
+  assert.strictEqual(
+    stderr.toString().trim(),
+    'Warning: Access control through disabling features is experimental and ' +
+    'may be changed at any time.');
+}
+
+{
+  const { stderr } = spawnSync(process.execPath, ['--disable=unknown']);
+  assert.strictEqual(
+    stderr.toString().trim(),
+    `${process.execPath}: unknown --disable entry unknown`);
+}
+
+{
+  const { stderr } = spawnSync(
+    process.execPath,
+    ['--disable=fsRead', '-p', 'fs.readFileSync(process.execPath)']);
+  assert.ok(
+    stderr.toString().includes('Access to this API has been restricted'),
+    stderr);
+}
diff --git a/test/parallel/test-worker-access-control.js b/test/parallel/test-worker-access-control.js
new file mode 100644
index 00000000000000..c9c403f9776437
--- /dev/null
+++ b/test/parallel/test-worker-access-control.js
@@ -0,0 +1,57 @@
+// Flags: --experimental-worker --experimental-access-control
+'use strict';
+const common = require('../common');
+const assert = require('assert');
+const fs = require('fs');
+const child_process = require('child_process');
+const { Worker } = require('worker_threads');
+
+// Do not use isMainThread so that this test itself can be run inside a Worker.
+if (!process.env.HAS_STARTED_WORKER) {
+  process.env.HAS_STARTED_WORKER = 1;
+  const w = new Worker(__filename, {
+    accessControl: {
+      fsWrite: false,
+      childProcesses: false,
+      loadAddons: false,
+      createWorkers: false
+    }
+  });
+
+  w.on('exit', common.mustCall((code) => {
+    assert.strictEqual(code, 0);
+  }));
+} else {
+  // We needed fs read access to load modules before.
+  process.accessControl.apply({ fsRead: false });
+
+  common.expectsError(() => { fs.readFileSync(__filename); }, {
+    type: Error,
+    message: 'Access to this API has been restricted',
+    code: 'ERR_ACCESS_DENIED'
+  });
+
+  common.expectsError(() => { fs.writeFileSync(__filename, ''); }, {
+    type: Error,
+    message: 'Access to this API has been restricted',
+    code: 'ERR_ACCESS_DENIED'
+  });
+
+  common.expectsError(() => { child_process.spawnSync('node'); }, {
+    type: Error,
+    message: 'Access to this API has been restricted',
+    code: 'ERR_ACCESS_DENIED'
+  });
+
+  common.expectsError(() => { child_process.spawn('node'); }, {
+    type: Error,
+    message: 'Access to this API has been restricted',
+    code: 'ERR_ACCESS_DENIED'
+  });
+
+  common.expectsError(() => { new Worker(__filename); }, {
+    type: Error,
+    message: 'Access to this API has been restricted',
+    code: 'ERR_ACCESS_DENIED'
+  });
+}