open-ambient

Crates.ioopen-ambient
lib.rsopen-ambient
version0.5.0
sourcesrc
created_at2021-07-14 15:32:13.534685
updated_at2024-01-11 05:46:38.04367
descriptionOpen files and directories with constant paths
homepage
repositoryhttps://github.com/sunfishcode/open-ambient
max_upload_size
id422768
size43,644
Dan Gohman (sunfishcode)

documentation

README

open-ambient

Open files and directories with constant paths

Github Actions CI Status crates.io page docs.rs docs

One of the uses for ambient-authority is to mark places in the code which may be opening files or other resources in ways that may be influenced by untrusted inputs. Paths or other identifiers which are constant and known at compile time are safe. This crate provides macros for use with cap-std which open files and directories in a way that requires the paths to be constant and in a way that allows them to be ignored in a clippy scan for use of dynamic ambient authority.

To use, it add #![deny(clippy::disallowed_method)] to your code and copy the clippy.toml file, as described here, for example:

#![deny(clippy::disallowed_method)]

use open_ambient::open_ambient_file;

fn main() {
    let fine = open_ambient_file!("Cargo.toml").unwrap();
    // ... do stuff with `fine`
    drop(fine);

    let risky = std::fs::File::open("Cargo.toml").unwrap();
    // ... do stuff with `risky`
    drop(risky);
}

And run clippy configured with these instructions. The above code gets just one error:

error: use of a disallowed method `std::fs::File::open`
  --> test.rs:10:19
   |
10 |     let risky = std::fs::File::open("Cargo.toml").unwrap();
   |                 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
   |

The open_ambient_file! line does not get an error, while the std::fs::File::open line does.

Commit count: 27

cargo fmt