leucite
| Crates.io | leucite |
| lib.rs | leucite |
| version | 1.0.0 |
| created_at | 2024-12-18 23:25:42.618525+00 |
| updated_at | 2025-08-13 05:16:51.212654+00 |
| description | A library for sandboxing and limiting command execution |
| homepage | |
| repository | https://github.com/basalt-rs/leucite |
| max_upload_size | |
| id | 1488594 |
| size | 59,432 |
Leads (github:basalt-rs:leads)
documentation
README
leucite
A library for sandboxing and limiting command execution through Linux landlock and prlimit.
Example
// Execute `bash -i` in the `/tmp/foo` directory using the provided rules
Command::new("bash")
.arg("-i")
.current_dir("/tmp/foo")
.env_clear()
.restrict(
Rules::new()
.add_read_only("/usr")
.add_read_only("/etc")
.add_read_only("/dev")
.add_read_only("/bin")
.add_read_write("/tmp/foo")
.into()
)
.max_memory(MemorySize::from_mb(100))
.spawn()?
.wait()?;