Expand description
§proc-canonicalize
A patch for std::fs::canonicalize that preserves Linux /proc/PID/root and
/proc/PID/cwd namespace boundaries.
§The Problem
On Linux, /proc/PID/root is a “magic symlink” that crosses into a process’s
mount namespace. However, std::fs::canonicalize resolves it to /, losing
the namespace context:
std::fs::canonicalize("/proc/1234/root") -> "/"
std::fs::canonicalize("/proc/1234/root/etc/passwd") -> "/etc/passwd"This breaks security tools that use /proc/PID/root as a boundary for container
filesystem access, because the boundary resolves to the host root!
§The Fix
This crate detects /proc/PID/root and /proc/PID/cwd prefixes and preserves them:
proc_canonicalize::canonicalize("/proc/1234/root") -> "/proc/1234/root"
proc_canonicalize::canonicalize("/proc/1234/root/etc/passwd") -> "/proc/1234/root/etc/passwd"For all other paths, behavior is identical to std::fs::canonicalize.
§Platform Support
- Linux: Full functionality - preserves
/proc/PID/rootand/proc/PID/cwd - Other platforms: Falls back to
std::fs::canonicalize(no-op)
§Zero Dependencies
This crate has no dependencies beyond the Rust standard library.
§Optional Features
dunce(Windows only): Simplifies Windows extended-length paths by removing the\\?\prefix when possible (e.g.,\\?\C:\foobecomesC:\foo). This makes paths more readable but may lose some Windows path capabilities. Enable withfeatures = ["dunce"]in yourCargo.toml.
Functions§
- canonicalize
- Canonicalize a path, preserving Linux
/proc/PID/rootand/proc/PID/cwdboundaries.