A zero-dependency filesystem sandbox for Rust.
Restricts paths to a root directory, preventing traversal attacks while supporting files that don’t exist yet.
§Quick Start
For one-off validation, use the join function:
```rust
let safe_path = path_jail::join("/var/uploads", "user/file.txt")?;
std::fs::write(&safe_path, b"hello")?;
```
For validating multiple paths, create a Jail and reuse it:
```rust
use path_jail::Jail;

let jail = Jail::new("/var/uploads")?;
let path1 = jail.join("report.pdf")?;
let path2 = jail.join("data.csv")?;
```
§Type-Safe Paths
For compile-time guarantees, use JailedPath:
```rust
use path_jail::{Jail, JailedPath};

fn save_upload(path: JailedPath, data: &[u8]) -> std::io::Result<()> {
    // path is guaranteed to be inside the jail
    std::fs::write(&path, data)
}

let jail = Jail::new("/var/uploads")?;
let path = jail.join_typed("report.pdf")?;
save_upload(path, b"data")?;
```
§Security
This crate blocks:
- Path traversal (`../../etc/passwd`)
- Symlink escapes (symlinks pointing outside the jail)
- Absolute path injection (`/etc/passwd`)
- Null byte injection (`file\x00.txt`)
- Broken symlinks (cannot verify target)
See Jail for details on the security model.
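The checks listed above, as an added stand-alone illustration that is not the crate's own code: a lexical stage normalises the untrusted path and rejects null bytes, absolute paths and any `..` that would climb above the root, then an on-disk stage canonicalises the longest existing ancestor so a file that does not exist yet can still be verified against symlink escapes. The names `lexical_join`, `verify_on_disk` and `jail_join` are chosen here and are not the crate's API.

```rust
use std::io::{Error, ErrorKind, Result};
use std::path::{Component, Path, PathBuf};

fn reject(msg: &str) -> Error {
    Error::new(ErrorKind::InvalidInput, msg.to_string())
}

/// Stage 1 (lexical): reject null bytes, absolute paths and any `..` that would
/// climb above `root`; `.` and in-bounds `..` are normalised away.
pub fn lexical_join(root: &Path, untrusted: &str) -> Result<PathBuf> {
    if untrusted.contains('\0') {
        return Err(reject("null byte in path"));
    }
    let mut out = root.to_path_buf();
    let mut depth = 0usize; // components currently pushed below root
    for comp in Path::new(untrusted).components() {
        match comp {
            Component::Normal(seg) => { out.push(seg); depth += 1; }
            Component::CurDir => {}
            Component::ParentDir if depth > 0 => { out.pop(); depth -= 1; }
            Component::ParentDir => return Err(reject("path escapes jail root")),
            Component::RootDir | Component::Prefix(_) => return Err(reject("absolute path")),
        }
    }
    Ok(out)
}

/// Stage 2 (on disk): canonicalise the longest existing ancestor, so a file that
/// does not exist yet can still be checked; a broken symlink fails canonicalize.
pub fn verify_on_disk(root: &Path, candidate: &Path) -> Result<PathBuf> {
    let real_root = root.canonicalize()?;
    let mut existing = candidate;
    let mut missing = Vec::new(); // trailing components that do not exist yet
    while std::fs::symlink_metadata(existing).is_err() {
        let name = existing.file_name().ok_or_else(|| reject("no ancestor"))?;
        missing.push(name.to_os_string());
        existing = existing.parent().ok_or_else(|| reject("no ancestor"))?;
    }
    let mut real = existing.canonicalize()?;
    if !real.starts_with(&real_root) {
        return Err(reject("symlink escapes jail root"));
    }
    for name in missing.iter().rev() { real.push(name); }
    Ok(real)
}

/// Both stages together, mirroring the one-shot `join` shown above.
pub fn jail_join(root: &Path, untrusted: &str) -> Result<PathBuf> {
    verify_on_disk(root, &lexical_join(root, untrusted)?)
}
```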
Structs§
- Jail - A filesystem sandbox that restricts paths to a root directory.
- JailedPath - A path verified to be inside a Jail.
Enums§
Functions§
- join - Validate a path in one shot.