Execution engine — telemetry-wrapped capability execution.
Wraps every capability execution with: telemetry capture → resource check → WAL log → validate → execute → WAL log
Capabilities execute with a 30-second timeout to prevent runaway executions.
WAL goes to /tmp by default since the daemon may not have write access to /var/lib in all deployment environments. Override with the RUNTIMO_WAL_PATH env var.
§Subprocess Isolation Limitation (FINDING #17)
Current limitation: Capabilities execute in the same process as the executor. There is no subprocess isolation, sandbox, or seccomp filtering. A misbehaving capability can:
- Access all memory of the executor process
- Open arbitrary files (subject to path validation)
- Spawn child processes without restriction
Mitigations in place:
- Path validation restricts file access to allowed prefixes
- LlmoSafeGuard provides CPU/RAM circuit breakers
- WAL logging provides audit trail for all operations
- Process snapshot tracks spawned PIDs
- Zombie process guard rejects execution if zombie_count > 10
v0.2.0 planned: True subprocess isolation via:
- tokio::spawn_blocking with cancellation tokens
- Optional seccomp-bpf filtering for Linux
- Namespace isolation (mount, PID, network)
- Capability-specific resource cgroups
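The wrapper order described at the top of this page (telemetry capture → resource check → WAL log → validate → execute → WAL log) together with the mitigations listed above (zombie guard, path prefix validation, WAL audit trail, execution timeout), as an added stand-alone Rust sketch that is not runtimo_core's own code: `Wal`, `validate_path`, `execute_guarded`, the `/tmp/` allow-list and the WAL entry format are assumptions made for this example.

```rust
use std::sync::mpsc::{self, RecvTimeoutError};
use std::thread;
use std::time::{Duration, Instant};

#[derive(Debug, PartialEq)]
pub enum ExecError {
    ZombieGuard(usize), // too many zombie processes: execution refused outright
    Validation(String), // input rejected before execute
    Timeout,            // capability did not finish inside the deadline
    Panicked,           // capability thread died without reporting a result
}
/// In-memory stand-in for the append-only WAL file (constructed for this example).
#[derive(Default)]
pub struct Wal { pub entries: Vec<String> }
/// Assumed allow-list: the capability may only touch paths under /tmp/.
pub fn validate_path(path: &str) -> Result<(), String> {
    let ok = path.starts_with("/tmp/") && !path.contains("..");
    ok.then_some(()).ok_or_else(|| format!("path {path} outside allowed prefix /tmp/"))
}
/// Mirrors the wrapper order: telemetry capture -> resource check -> WAL log
/// -> validate -> execute -> WAL log. This function and its signature are assumptions.
pub fn execute_guarded<F>(
    wal: &mut Wal, name: &str, path: &str, zombie_count: usize, timeout: Duration, run: F,
) -> Result<String, ExecError>
where
    F: FnOnce() -> String + Send + 'static,
{
    let started = Instant::now(); // telemetry: wall-clock start
    if zombie_count > 10 {
        return Err(ExecError::ZombieGuard(zombie_count)); // resource check fails: no WAL entry
    }
    wal.entries.push(format!("START {name} path={path}")); // WAL entry before execute
    if let Err(reason) = validate_path(path) {
        wal.entries.push(format!("REJECT {name} reason={reason}"));
        return Err(ExecError::Validation(reason));
    }
    // Helper thread + recv_timeout enforce the deadline; a std thread cannot be killed, so a timed-out capability keeps running detached.
    let (tx, rx) = mpsc::channel();
    thread::spawn(move || { let _ = tx.send(run()); });
    let outcome = rx.recv_timeout(timeout).map_err(|e| match e {
        RecvTimeoutError::Timeout => ExecError::Timeout,
        RecvTimeoutError::Disconnected => ExecError::Panicked, // sender dropped on panic
    });
    wal.entries.push(match &outcome { // WAL entry after execute, success or not
        Ok(_) => format!("DONE {name} elapsed_ms={}", started.elapsed().as_millis()),
        Err(e) => format!("FAIL {name} error={e:?} elapsed_ms={}", started.elapsed().as_millis()),
    });
    outcome
}
```

The zombie refusal happens before the first WAL entry, matching the stated order, so that case leaves no audit record; a deployment that wants refusals audited would move the check after the START entry.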
§Example
```rust
use runtimo_core::{FileRead, execute_with_telemetry};
use serde_json::json;
use std::path::Path;

// The capability to run and its JSON arguments.
let cap = FileRead;
let result = execute_with_telemetry(
    &cap,
    &json!({"path": "/tmp/test.txt"}),
    false,
    Path::new("/tmp/runtimo.wal"), // WAL file; the default location is under /tmp
).unwrap();
assert!(result.success);
```
Structs§
- ExecutionResult - Result of a telemetry-wrapped capability execution.
Functions§
- execute_with_telemetry - Execute a capability with full telemetry, resource guarding, and WAL logging.
- execute_with_telemetry_and_session - Execute a capability with session tracking and specified timeout.