Skip to content

sunfishcode/open-ambient

open-ambient

Open files and directories with constant paths

Github Actions CI Status crates.io page docs.rs docs

One of the uses for ambient-authority is to mark places in the code which may be opening files or other resources in ways that may be influenced by untrusted inputs. Paths or other identifiers which are constant and known at compile time are safe. This crate provides macros for use with cap-std which open files and directories in a way that requires the paths to be constant and in a way that allows them to be ignored in a clippy scan for use of dynamic ambient authority.

To use, it add #![deny(clippy::disallowed_method)] to your code and copy the clippy.toml file, as described here, for example:

#![deny(clippy::disallowed_method)]

use open_ambient::open_ambient_file;

fn main() {
    let fine = open_ambient_file!("Cargo.toml").unwrap();
    // ... do stuff with `fine`
    drop(fine);

    let risky = std::fs::File::open("Cargo.toml").unwrap();
    // ... do stuff with `risky`
    drop(risky);
}

And run clippy configured with these instructions. The above code gets just one error:

error: use of a disallowed method `std::fs::File::open`
  --> test.rs:10:19
   |
10 |     let risky = std::fs::File::open("Cargo.toml").unwrap();
   |                 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
   |

The open_ambient_file! line does not get an error, while the std::fs::File::open line does.

About

Open files and directories with constant paths

Resources

License

Unknown and 2 other licenses found

Licenses found

Apache-2.0
LICENSE-APACHE
Apache-2.0
LICENSE-Apache-2.0_WITH_LLVM-exception
MIT
LICENSE-MIT

Code of conduct

Security policy

Stars

Watchers

Forks

Packages

No packages published

Languages