pub fn set_var(
key: impl AsRef<OsStr>,
value: impl AsRef<OsStr>,
cap: &impl CapProvider<EnvWrite>,
) -> Result<(), CapSecError>Expand description
Sets an environment variable.
Requires EnvWrite permission.
§Safety note
In Rust edition 2024, std::env::set_var is unsafe because it’s not
thread-safe. This wrapper encapsulates that unsafety.
§Thread safety
std::env::set_var is not thread-safe. Even though Cap<EnvWrite> can be
cloned and transferred across threads via make_send(), calling this
function concurrently from multiple threads is undefined behavior. The
capability system tracks permission, not exclusivity — synchronization
is the caller’s responsibility.
§Errors
The underlying std::env::set_var is infallible (panics on failure).
The Err path only triggers from CapProvider scope checks.