pub struct SecuritySettings { /* private fields */ }

A type for storing settings about potentially insecure engine features.

This type encapsulates configuration about which potentially insecure engine features are enabled. Methods that configure or instantiate engines require values of this type, and values of this type can only be created through centralized methods that respect standard environment variables, ensuring that there is some level of uniform control over the activation of any known-insecure features.

The purpose of this framework is to manage the use of engine features that are known to create security risks with untrusted input, but that trusted users may wish to use due to the extra functionalities they bring. (This is why these are settings and not simply security flaws!) The primary example of this is the TeX engine’s shell-escape feature.

Of course, this framework is only as good as our understanding of Tectonic’s security profile. Future versions might disable or restrict different pieces of functionality as new risks are discovered.

Implementations

impl SecuritySettings

pub fn new(stance: SecurityStance) -> Self

Create a new security configuration.

The stance argument specifies the high-level security stance. If your program will be run by a trusted user, they should be able to control the setting through a command-line argument or something comparable. Even if there is a request to enable known-insecure features, however, such a request might be overridden by other mechanisms. In particular, if the environment variable TECTONIC_UNTRUSTED_MODE is set to any value, insecure features will always be disabled regardless of the user-level setting. Other mechanisms for disabling known-insecure features may be added in the future.
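The override described above, as an added example that is not Tectonic's own code: a self-contained model showing that the presence of the variable, not its value, forces the safe configuration. The names Stance, ModelSettings, resolve and from_env are hypothetical, and the model assumes, as the text states, that any value (including an empty string or 0) disables insecure features.

```rust
use std::env;
use std::ffi::OsString;

/// Name of the override variable, as given in the documentation above.
const UNTRUSTED_MODE_VAR: &str = "TECTONIC_UNTRUSTED_MODE";

/// Hypothetical stand-in for the stance argument (not the real type).
#[derive(Clone, Copy, Debug, PartialEq)]
pub enum Stance {
    Disable,
    MaybeAllow,
}

/// Model of the settings type: the field is private, so a permissive value
/// can only be obtained through the centralized constructors below.
#[derive(Clone, Debug)]
pub struct ModelSettings {
    insecures_allowed: bool,
}

impl ModelSettings {
    /// Pure decision function; `untrusted_env` is the raw variable lookup.
    pub fn resolve(stance: Stance, untrusted_env: Option<OsString>) -> Self {
        // Presence is what matters: "", "0" and "false" all force safe mode.
        let forced_off = untrusted_env.is_some();
        ModelSettings {
            insecures_allowed: stance == Stance::MaybeAllow && !forced_off,
        }
    }

    /// Reads the process environment, as a centralized constructor would.
    pub fn from_env(stance: Stance) -> Self {
        Self::resolve(stance, env::var_os(UNTRUSTED_MODE_VAR))
    }

    /// A request to enable is honoured only when nothing overrode it.
    pub fn allow_shell_escape(&self) -> bool {
        self.insecures_allowed
    }
}

fn main() {
    // A trusted user asked for insecure features; the environment may veto it.
    let settings = ModelSettings::from_env(Stance::MaybeAllow);
    println!("shell-escape allowed: {}", settings.allow_shell_escape());
}
```

Running the program with TECTONIC_UNTRUSTED_MODE=0 in the environment still reports that shell-escape is not allowed, which is the behaviour a sandboxing wrapper should rely on.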

pub fn allow_shell_escape(&self) -> bool

Query whether the shell-escape TeX engine feature is allowed to be used.

pub fn allow_extra_search_paths(&self) -> bool

Query whether we’re allowed to specify extra paths to read files from.

Trait Implementations

impl Clone for SecuritySettings

fn clone(&self) -> SecuritySettings

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for SecuritySettings

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Default for SecuritySettings

fn default() -> Self

Returns the “default value” for a type.

Blanket Implementations

impl<T> Any for T
where T: 'static + ?Sized,

fn type_id(&self) -> TypeId

Gets the TypeId of self.

impl<T> Borrow<T> for T
where T: ?Sized,

fn borrow(&self) -> &T

Immutably borrows from an owned value.

impl<T> BorrowMut<T> for T
where T: ?Sized,

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value.

impl<T> From<T> for T

fn from(t: T) -> T

Returns the argument unchanged.

impl<T, U> Into<U> for T
where U: From<T>,

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

impl<T> Same for T

type Output = T

Should always be Self

impl<T> ToOwned for T
where T: Clone,

type Owned = T

The resulting type after obtaining ownership.

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning.

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning.

impl<T, U> TryFrom<U> for T
where U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.