leucite 1.0.0

A library for sandboxing and limiting command execution

Coverage
70.37%
19 out of 27 items documented2 out of 19 items with examples
Size
Source code size: 58.93 kB This is the summed size of all the files inside the crates.io package for this release.
Documentation size: 1.16 MB This is the summed size of all files generated by rustdoc for all configured targets
Links
basalt-rs/leucite
4 2 3
crates.io
Dependencies
Versions
Owners

leucite

A library for sandboxing and limiting command execution through Linux landlock and prlimit.

Example


// Execute `bash -i` in the `/tmp/foo` directory using the provided rules
Command::new("bash")
    .arg("-i")
    .current_dir("/tmp/foo")
    .env_clear()
    .restrict(
        Rules::new()
            .add_read_only("/usr")
            .add_read_only("/etc")
            .add_read_only("/dev")
            .add_read_only("/bin")
            .add_read_write("/tmp/foo")
            .into()
    )
    .max_memory(MemorySize::from_mb(100))
    .spawn()?
    .wait()?;