Crate firehazard
source · [−]Expand description
đ„ firehazard đ„
Create a fire hazard by locking down your (Microsoft) Windows so nobody can escape (your security sandbox.)
Unopinionated low level API bindings focused on soundness, safety, and stronger types over raw FFI.
You may be at hazard of being fired (or worse) for relying on this crate for security:
â ïž Warnings â ïž
0.0.0-yyyy-mm-dd
doesnât follow semver.- Iâm not subscribed to any security lists.
- I donât have anything alerting me to CVEs.
- This crate is probably not 100% sound. Bug reports welcome.
- I donât have any PGP keys for you to securely send me security bugs.
- Keep flammable materials away from heaters and other ignition sources.
- This isnât backed by a team or company. Nor me, frankly.
- I have no code reviewers.
- I havenât fuzz tested anything.
- My test coverage is mediocre.
- There is no red team.
- I havenât made a proper attempt to bypass even the example sandbox.
- Just because youâre paranoid, doesnât mean that they arenât out to get you.
- Rust has made me overconfident.
- Rust has made you overconfident.
- Keep emergency exits accessible and usable to avoid fire safety hazards.
- The false sense of security - that using this code will lure you into - may be worse than nothing at all.
- Test your fire alarms. The batteries are probably dead.
Quickstart
# Cargo.toml
[dependencies]
firehazard.git = "https://github.com/MaulingMonkey/firehazard"
License
Licensed under either of
- Apache License, Version 2.0 (LICENSE-APACHE or http://www.apache.org/licenses/LICENSE-2.0)
- MIT license (LICENSE-MIT or http://opensource.org/licenses/MIT)
at your option.
Contribution
Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.
Modules
[docs.microsoft.com] ACCESS_MASK generic types, functions, and constants
[docs.microsoft.com]
ACL
/
ACE_HEADER
related types and manipulation functions
[docs.microsoft.com]
ACL
related types and manipulation functions
Allocators, deallocators, etc.
Debugger APIs from debugapi.h, dbgeng.h (not yet)
[docs.microsoft.com] Desktop APIs
[docs.microsoft.com]
Generic Kernel Object HANDLE
wrapping types and functions.
[docs.microsoft.com] Job Object types and fns
[docs.microsoft.com] Process mitigation policy types and functions
[docs.microsoft.com] Privilege related types and functions
[docs.microsoft.com]
Process OwnedHandle
and related fns
[docs.microsoft.com]
SID
related types and manipulation functions
[docs.microsoft.com]
Thread OwnedHandle
and related fns
[docs.microsoft.com] Access token handle types and related functions
[docs.microsoft.com] Window Station APIs
Macros
Structs
[docs.microsoft.com] DWORD/u32, typically from GetLastError, representing an error code, hresult, or ntstatus
[docs.microsoft.com] LUID (~ a 32-bit aligned u64
/ âLocally Unique IDentifierâ)