Crate proc_canonicalize

Expand description

§proc-canonicalize

A patch for std::fs::canonicalize that preserves Linux /proc/PID/root and /proc/PID/cwd namespace boundaries.

§The Problem

On Linux, /proc/PID/root is a “magic symlink” that crosses into a process’s mount namespace. However, std::fs::canonicalize resolves it to /, breaking security boundaries. This crate preserves the /proc/PID/root and /proc/PID/cwd prefixes:

use std::path::Path;

// BROKEN: std::fs::canonicalize loses the namespace prefix!
let std_resolved = std::fs::canonicalize("/proc/self/root/etc")?;
assert_eq!(std_resolved, Path::new("/etc"));  // Resolves to host's /etc!

// FIXED: Namespace prefix is preserved!
let resolved = proc_canonicalize::canonicalize("/proc/self/root/etc")?;
assert_eq!(resolved, Path::new("/proc/self/root/etc"));

§Platform Support

Linux: Full functionality - preserves /proc/PID/root and /proc/PID/cwd
Other platforms: Falls back to std::fs::canonicalize (no-op)

§Zero Dependencies

This crate has no dependencies beyond the Rust standard library.

§Optional Features

dunce (Windows only): Simplifies Windows extended-length paths by removing the \\?\ prefix when possible (e.g., \\?\C:\foo becomes C:\foo). Automatically preserves the prefix when needed (e.g., for paths longer than 260 characters). Enable with features = ["dunce"].

Functions§

canonicalize: Canonicalize a path, preserving Linux /proc/PID/root and /proc/PID/cwd boundaries.

Crate proc_canonicalize

Crate proc_canonicalize Copy item path

§proc-canonicalize

§The Problem

§Platform Support

§Zero Dependencies

§Optional Features

Functions§

Crate proc_canonicalize