Expand description
Scope-restricted capabilities via Attenuated<P, S>.
Attenuation narrows a capability’s reach. A Cap<FsRead> grants permission to
read any file; an Attenuated<FsRead, DirScope> grants permission to read files
only within a specific directory tree.
§Built-in scopes
Structs§
- Attenuated
- A capability that has been narrowed to a specific scope.
- DirScope
- Restricts filesystem operations to a directory subtree.
- Host
Scope - Restricts network operations to a set of allowed host prefixes.
Traits§
- Scope
- A restriction that narrows the set of targets a capability can act on.