cap_primitives/fs/
set_permissions.rs

1//! This defines `set_permissions`, the primary entrypoint to sandboxed
2//! filesystem permissions modification.
3
4#[cfg(racy_asserts)]
5use crate::fs::{map_result, stat, stat_unchecked, FollowSymlinks, Metadata};
6use crate::fs::{set_permissions_impl, set_symlink_permissions_impl, Permissions};
7use std::path::Path;
8use std::{fs, io};
9
10/// Perform a `chmodat`-like operation, ensuring that the resolution of the
11/// path never escapes the directory tree rooted at `start`.
12#[cfg_attr(not(racy_asserts), allow(clippy::let_and_return))]
13#[inline]
14pub fn set_permissions(start: &fs::File, path: &Path, perm: Permissions) -> io::Result<()> {
15    #[cfg(racy_asserts)]
16    let perm_clone = perm.clone();
17
18    #[cfg(racy_asserts)]
19    let stat_before = stat(start, path, FollowSymlinks::Yes);
20
21    // Call the underlying implementation.
22    let result = set_permissions_impl(start, path, perm);
23
24    #[cfg(racy_asserts)]
25    let stat_after = stat_unchecked(start, path, FollowSymlinks::Yes);
26
27    #[cfg(racy_asserts)]
28    check_set_permissions(start, path, perm_clone, &stat_before, &result, &stat_after);
29
30    result
31}
32
33/// Perform a `chmodat`-like operation, ensuring that the resolution of the
34/// path never escapes the directory tree rooted at `start`, without following
35/// symlinks.
36#[cfg_attr(not(racy_asserts), allow(clippy::let_and_return))]
37#[inline]
38pub fn set_symlink_permissions(start: &fs::File, path: &Path, perm: Permissions) -> io::Result<()> {
39    #[cfg(racy_asserts)]
40    let perm_clone = perm.clone();
41
42    #[cfg(racy_asserts)]
43    let stat_before = stat(start, path, FollowSymlinks::No);
44
45    // Call the underlying implementation.
46    let result = set_symlink_permissions_impl(start, path, perm);
47
48    #[cfg(racy_asserts)]
49    let stat_after = stat_unchecked(start, path, FollowSymlinks::No);
50
51    #[cfg(racy_asserts)]
52    check_set_permissions(start, path, perm_clone, &stat_before, &result, &stat_after);
53
54    result
55}
56
57#[cfg(racy_asserts)]
58fn check_set_permissions(
59    start: &fs::File,
60    path: &Path,
61    perm: Permissions,
62    stat_before: &io::Result<Metadata>,
63    result: &io::Result<()>,
64    stat_after: &io::Result<Metadata>,
65) {
66    match (
67        map_result(stat_before),
68        map_result(result),
69        map_result(stat_after),
70    ) {
71        (Ok(_), Ok(()), Ok(metadata)) => {
72            assert_eq!(perm, metadata.permissions());
73        }
74
75        (Ok(metadata_before), Err(_), Ok(metadata_after)) => {
76            assert_eq!(metadata_before.permissions(), metadata_after.permissions());
77        }
78
79        // TODO: Check error messages
80        (Err(_), Err(_), Err(_)) => (),
81
82        other => panic!(
83            "inconsistent set_permissions checks: start='{:?}' path='{}':\n{:#?}",
84            start,
85            path.display(),
86            other,
87        ),
88    }
89}
cap_primitives/fs/set_permissions.rs

cap_primitives/fs/
set_permissions.rs
