Skip to main content

Module local_env

Module local_env 

Source
Expand description

The real local-filesystem SessionEnv.

Tools run against a real directory on disk via tokio::fs + tokio::process. Path containment is enforced: model-facing paths are relative, .. is rejected, and resolved paths must stay under the canonicalized root.

See SECURITY.md: this is not an OS-level sandbox (no chroot/landlock/ UID separation). It prevents accidental path escape; it is not a defense against a determined adversary until OS isolation lands.

Structsยง

LocalSessionEnv
A SessionEnv backed by a real local directory.