Struct CapRoot 

pub struct CapRoot { /* private fields */ }

The root of all capabilities. Only one can exist per process.

CapRoot has full ambient authority — it can grant any permission. It exists to make authority explicit: every capability in your program traces back to a CapRoot::grant call.

Example

let root = test_root();
let fs_cap = root.grant::<FsRead>();

Implementations

impl CapRoot

pub fn grant<P: Permission>(&self) -> Cap<P>

Grants a capability token for permission P.

The returned Cap<P> is a zero-sized proof that the holder has permission P. This is the only way to obtain a capability token.

Example

let root = test_root();

// Individual capabilities:
let fs_cap = root.grant::<FsRead>();
let net_cap = root.grant::<NetConnect>();

// Or bundle multiple permissions in one token:
let combo = root.grant::<(FsRead, NetConnect)>();

pub fn fs_read(&self) -> Cap<FsRead>

Grants a Cap<FsRead> for filesystem read access.

pub fn fs_write(&self) -> Cap<FsWrite>

Grants a Cap<FsWrite> for filesystem write access.

pub fn fs_all(&self) -> Cap<FsAll>

Grants a Cap<FsAll> for full filesystem access.

pub fn net_connect(&self) -> Cap<NetConnect>

Grants a Cap<NetConnect> for outbound network connections.

pub fn net_bind(&self) -> Cap<NetBind>

Grants a Cap<NetBind> for binding network listeners.

pub fn net_all(&self) -> Cap<NetAll>

Grants a Cap<NetAll> for full network access.

pub fn env_read(&self) -> Cap<EnvRead>

Grants a Cap<EnvRead> for reading environment variables.

pub fn env_write(&self) -> Cap<EnvWrite>

Grants a Cap<EnvWrite> for writing environment variables.

pub fn spawn(&self) -> Cap<Spawn>

Grants a Cap<Spawn> for subprocess execution.

pub fn ambient(&self) -> Cap<Ambient>

Grants a Cap<Ambient> with full ambient authority.