
Module process

Process hardening, trusted binary discovery, and timeout utilities.

Any binary that handles hardware-backed secret material should call harden_process as the first line of main() — before argument parsing, environment inspection, or decryption.

find_trusted_binary locates sibling binaries (agent, bridge, etc.) in platform-appropriate install directories, deliberately excluding PATH and ~/.cargo/bin to prevent attacker-controlled PATH entries from hijacking daemon launches.

Structs

BinaryDiscoveryContext
Inputs to find_trusted_binary_with_context. Parameterized so callers can inject synthetic paths in tests (and so the real call site stays a thin wrapper over std::env::current_exe + dirs::home_dir).

Enums

TimeoutResult
Result of a bounded subprocess operation.

Functions

find_trusted_binary
Convenience wrapper: discover binary_name using the current process’s environment. Every enclaveapp consumer should prefer this over PATH lookups — an attacker who controls the user’s PATH should not be able to redirect enclaveapp’s launch of its own daemons.
find_trusted_binary_with_context
Look for binary_name inside the install directories of app app_name, in the order they’re typically shipped. Returns the canonical path of the first match that exists and looks executable, or None if no candidate qualifies.
harden_process
Apply process-level security hardening.
run_status_with_timeout
Spawn a command (inheriting stdout/stderr) and wait for its exit status bounded by timeout. Kills the child on timeout.
run_with_timeout
Spawn a command with piped stdout/stderr and run it to completion bounded by timeout.
wait_with_timeout
Wait for a child process to exit, or return TimedOut after timeout elapses. On timeout, the caller is responsible for killing the child.
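The discovery rule described for find_trusted_binary_with_context (search only the app's install directories, require an existing executable, return the canonical path, never consult PATH) as an added standalone example; this is illustrative code written for this page, not the crate's own implementation. The DiscoveryInputs struct, the candidate directory layout and the function name are assumptions.

```rust
use std::fs;
use std::path::{Path, PathBuf};

/// Discovery inputs (hypothetical shape). Callers inject the running binary's
/// directory and the home directory; PATH is deliberately not an input.
pub struct DiscoveryInputs {
    pub current_exe_dir: Option<PathBuf>,
    pub home_dir: Option<PathBuf>,
}

/// Candidate install directories in search order. Illustrative layout only;
/// the real crate's directories are not documented on this page.
fn candidate_dirs(ctx: &DiscoveryInputs, app_name: &str) -> Vec<PathBuf> {
    let mut dirs = Vec::new();
    if let Some(exe_dir) = &ctx.current_exe_dir {
        dirs.push(exe_dir.clone()); // siblings of the running binary
    }
    if let Some(home) = &ctx.home_dir {
        dirs.push(home.join(".local/share").join(app_name).join("bin"));
    }
    dirs.push(PathBuf::from("/usr/lib").join(app_name)); // system-wide install
    dirs
}

/// A candidate qualifies only if it is a regular file with an execute bit set
/// (metadata follows symlinks, so a dangling link is rejected too).
fn looks_executable(p: &Path) -> bool {
    use std::os::unix::fs::PermissionsExt;
    fs::metadata(p)
        .map(|m| m.is_file() && m.permissions().mode() & 0o111 != 0)
        .unwrap_or(false)
}

/// Canonical path of the first candidate that exists and looks executable,
/// or None. Never consults PATH or ~/.cargo/bin, so an attacker-controlled
/// PATH entry cannot redirect the daemon launch.
pub fn find_trusted_binary_with_inputs(
    ctx: &DiscoveryInputs, app_name: &str, binary_name: &str,
) -> Option<PathBuf> {
    candidate_dirs(ctx, app_name)
        .into_iter()
        .map(|dir| dir.join(binary_name))
        .find(|p| looks_executable(p))
        .and_then(|p| fs::canonicalize(p).ok())
}
```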