Crates.io | cap-std |
lib.rs | cap-std |
version | 3.4.1 |
source | src |
created_at | 2020-06-25 21:01:04.347897 |
updated_at | 2024-11-05 16:22:02.109436 |
description | Capability-based version of the Rust standard library |
homepage | |
repository | https://github.com/bytecodealliance/cap-std |
max_upload_size | |
id | 258181 |
size | 206,894 |
This crate provides a capability-based version of std
, providing
sandboxed filesystem, networking, and clock APIs. See the toplevel README.md
for more information about sandboxing using capability-based security.
The filesystem module cap_std::fs
, the networking module cap_std::net
,
and the time module cap_std::time
currently support Linux, macOS, FreeBSD,
and Windows. WASI support is in development, though not yet usable.
Example usage of Dir
for filesystem access:
use std::io;
use cap_std::fs::Dir;
/// Open files relative to `dir`.
fn dir_example(dir: &Dir) -> io::Result<()> {
// This works (assuming symlinks don't lead outside of `dir`).
let file = dir.open("the/thing.txt")?;
// This fails, since `..` leads outside of `dir`.
let hidden = dir.open("../hidden.txt")?;
// This fails, as creating symlinks to absolute paths is not permitted.
dir.symlink("/hidden.txt", "misdirection.txt")?;
// However, even if the symlink had succeeded, or, if there is a
// pre-existing symlink to an absolute directory, following a
// symlink which would lead outside the sandbox also fails.
let secret = dir.open("misdirection.txt")?;
Ok(())
}
Example usage of Pool
for network access:
use std::io;
use cap_std::net::Pool;
/// Open network addresses within `pool`.
fn pool_example(pool: &Pool) -> io::Result<()> {
// Connect to an address. This succeeds only if the given address and
// port are present in `pool`.
let stream = pool.connect_tcp_stream("localhost:3333")?;
Ok(())
}