FileRights

Struct FileRights 

pub struct FileRights(/* private fields */);

Used to reduce (but never expand) the capabilities on a file descriptor.

See Also

cap_rights_limit(2).

Example

use capsicum::{CapRights, FileRights, Right};
use std::io::{Read, Write};
use tempfile::tempfile;

let mut file = tempfile().unwrap();
FileRights::new()
    .allow(Right::Read)
    .limit(&file).unwrap();

capsicum::enter().unwrap();

let mut buf = vec![0u8; 80];
file.read(&mut buf[..]).unwrap();

let e = file.write(&buf[..]).unwrap_err();
assert_eq!(e.raw_os_error(), Some(libc::ENOTCAPABLE));

Implementations

impl FileRights

pub fn new() -> Self

Initialize a new FileRights which will deny all rights.

pub fn from_file<F: AsFd>(f: &F) -> Result<FileRights>

Retrieve the list of rights currently allowed for the given file.

Example

use capsicum::{CapRights, FileRights, Right};
use tempfile::tempfile;

let file = tempfile().unwrap();
let mut rights = FileRights::new();
rights.allow(Right::Read);

rights.limit(&file).unwrap();
let rights2 = FileRights::from_file(&file).unwrap();
assert_eq!(rights, rights2);

See Also

cap_rights_get(3)

pub fn allow(&mut self, right: Right) -> &mut Self

Add a new Right to the list of allowed rights.

pub fn contains(&self, other: &FileRights) -> bool

Checks if self contains all of the rights present in other.

Example

use capsicum::{FileRights, Right};

let mut rights1 = FileRights::new();
rights1.allow(Right::Read);
rights1.allow(Right::Write);
let mut rights2 = FileRights::new();
rights2.allow(Right::Write);
assert!(rights1.contains(&rights2));

let mut rights3 = FileRights::new();
rights3.allow(Right::Read);
rights3.allow(Right::Seek);
assert!(!rights1.contains(&rights3));

pub fn is_set(&self, right: Right) -> bool

Is the given Right set here?

Example

use capsicum::{FileRights, Right};

let mut rights = FileRights::new();
rights.allow(Right::Read);
assert!(rights.is_set(Right::Read));
assert!(!rights.is_set(Right::Write));

pub fn is_valid(&self) -> bool

Deprecated since 0.4.0: Unnecessary unless you use FileRights::new

pub fn merge(&mut self, other: &FileRights) -> Result<()>

Add all rights present in other to this structure.

pub fn remove(&mut self, other: &FileRights) -> Result<()>

Remove any rights present in other from this structure, if they are set.

pub fn set(&mut self, raw_rights: Right) -> Result<()>

Deprecated since 0.4.0: use FileRights::allow instead

pub fn clear(&mut self, raw_rights: Right) -> Result<()>

Deprecated since 0.4.0: use FileRights::deny instead

pub fn deny(&mut self, right: Right) -> &mut Self

Remove an allowed Right from the list.
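
The rule stated at the top of this page, that rights on a descriptor can be reduced but never expanded, is what makes merge, remove and deny safe to hand to less-trusted code: a set built with them only takes effect if the descriptor already holds every right in it. The following is an added model of that rule, not code from the capsicum crate; Rights, Fd, NotCapable and the bit constants are hypothetical stand-ins, and the builder methods take self by value for brevity.

```rust
// Toy model of the subset rule behind cap_rights_limit(2); all names here are hypothetical.
#[derive(Clone, Copy, Debug, PartialEq, Eq)]
struct Rights(u8);

const READ: u8 = 1;
const WRITE: u8 = 2;
const SEEK: u8 = 4;

#[derive(Debug, PartialEq, Eq)]
struct NotCapable; // stands in for errno ENOTCAPABLE

impl Rights {
    fn new() -> Self { Rights(0) } // deny everything, like FileRights::new
    fn allow(mut self, r: u8) -> Self { self.0 |= r; self }
    fn deny(mut self, r: u8) -> Self { self.0 &= !r; self }
    fn merge(&mut self, o: &Rights) { self.0 |= o.0 }
    fn remove(&mut self, o: &Rights) { self.0 &= !o.0 }
    fn contains(&self, o: &Rights) -> bool { self.0 & o.0 == o.0 }
}

struct Fd { rights: Rights }

impl Fd {
    // A new set is accepted only if the current set already contains it.
    fn limit(&mut self, new: &Rights) -> Result<(), NotCapable> {
        if !self.rights.contains(new) { return Err(NotCapable); }
        self.rights = *new;
        Ok(())
    }
    fn write(&self) -> Result<(), NotCapable> {
        if self.rights.contains(&Rights(WRITE)) { Ok(()) } else { Err(NotCapable) }
    }
}

// Returns (narrow ok, widen ok, write ok, final rights).
fn demo() -> (bool, bool, bool, Rights) {
    let mut fd = Fd { rights: Rights::new().allow(READ).allow(WRITE).allow(SEEK) };
    let mut worker = fd.rights;
    worker.remove(&Rights::new().allow(WRITE)); // drop WRITE from a copy
    let narrowed = fd.limit(&worker).is_ok(); // subset: accepted
    let mut wider = worker;
    wider.merge(&Rights::new().allow(WRITE)); // try to get WRITE back
    let widened = fd.limit(&wider).is_ok(); // superset: refused
    fd.limit(&worker.deny(SEEK)).unwrap(); // further narrowing still works
    (narrowed, widened, fd.write().is_ok(), fd.rights)
}

fn main() { println!("{:?}", demo()); }
```

In the crate itself, merge and remove return Result<()> and allow and deny borrow mutably; the accept-or-refuse decision is made by the kernel, not by the FileRights value.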

Trait Implementations

impl CapRights for FileRights

fn limit<F: AsFd>(&self, f: &F) -> Result<()>

Reduce the process’s allowed rights to a file descriptor.

impl Clone for FileRights

fn clone(&self) -> FileRights

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for FileRights

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Default for FileRights

fn default() -> Self

Returns the “default value” for a type.

impl PartialEq for FileRights

fn eq(&self, other: &FileRights) -> bool

Tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

impl Copy for FileRights

impl Eq for FileRights

impl StructuralPartialEq for FileRights

Blanket Implementations

impl<T> Any for T
where T: 'static + ?Sized,

fn type_id(&self) -> TypeId

Gets the TypeId of self.

impl<T> Borrow<T> for T
where T: ?Sized,

fn borrow(&self) -> &T

Immutably borrows from an owned value.

impl<T> BorrowMut<T> for T
where T: ?Sized,

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value.

impl<T> CloneToUninit for T
where T: Clone,

unsafe fn clone_to_uninit(&self, dest: *mut u8)

This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest.

impl<T> From<T> for T

fn from(t: T) -> T

Returns the argument unchanged.

impl<T, U> Into<U> for T
where U: From<T>,

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

impl<T> ToOwned for T
where T: Clone,

type Owned = T

The resulting type after obtaining ownership.

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning.

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning.

impl<T, U> TryFrom<U> for T
where U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.