Skip to main content

TrustGuard

rippy_cli::trust

Struct TrustGuard 

Source 
pub struct TrustGuard { /* private fields */ }
Expand description

Guard that wraps a config file modification to preserve trust.

Snapshots the file’s trust status before the write. After the write, call TrustGuard::commit to update the trust hash — but only if the pre-write content was verified as trusted. This prevents a TOCTOU attack where a malicious actor modifies the file between the last trust check and rippy’s write.

For newly created files (no prior content), use TrustGuard::for_new_file.

Implementations§

Source§

impl TrustGuard

Source

pub fn before_write(path: &Path) -> Self

Snapshot the trust state of an existing config file before modifying it.

Reads the file, checks trust status. If the file doesn’t exist yet (will be created by the write), was_trusted is false.

Source

pub fn for_new_file(path: &Path) -> Self

Create a guard for a file that is being newly created by the user.

commit() will unconditionally trust the new file since the user explicitly created it (e.g., rippy init).

Source

pub fn commit(self)

Update the trust hash after the write, if the pre-write state was trusted.

If the file was not trusted before the write (tampered or never approved), this is a no-op and a warning is logged.

Errors are logged to stderr but do not fail the caller.

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> ArchivePointee for T

Source§

type ArchivedMetadata = ()

The archived version of the pointer metadata for this type.
Source§

fn pointer_metadata( _: &<T as ArchivePointee>::ArchivedMetadata, ) -> <T as Pointee>::Metadata

Converts some archived metadata to the pointer metadata for itself.
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> LayoutRaw for T

Source§

fn layout_raw(_: <T as Pointee>::Metadata) -> Result<Layout, LayoutError>

Returns the layout of the type.
Source§

impl<T, N1, N2> Niching<NichedOption<T, N1>> for N2
where T: SharedNiching<N1, N2>, N1: Niching<T>, N2: Niching<T>,

Source§

unsafe fn is_niched(niched: *const NichedOption<T, N1>) -> bool

Returns whether the given value has been niched. Read more
Source§

fn resolve_niched(out: Place<NichedOption<T, N1>>)

Writes data to out indicating that a T is niched.
Source§

impl<T> Pointee for T

Source§

type Metadata = ()

The metadata type for pointers and references to this type.
Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.