Struct tectonic_bridge_core::SecuritySettings
pub struct SecuritySettings { /* private fields */ }
A type for storing settings about potentially insecure engine features.
This type encapsulates configuration about which potentially insecure engine features are enabled. Methods that configure or instantiate engines require values of this type, and values of this type can only be created through centralized methods that respect standard environment variables, ensuring that there is some level of uniform control over the activation of any known-insecure features.
The purpose of this framework is to manage the use of engine features that are known to create security risks with untrusted input, but that trusted users may wish to use due to the extra functionalities they bring. (This is why these are settings and not simply security flaws!) The primary example of this is the TeX engine’s shell-escape feature.
Of course, this framework is only as good as our understanding of Tectonic’s security profile. Future versions might disable or restrict different pieces of functionality as new risks are discovered.
Implementations
impl SecuritySettings
pub fn new(stance: SecurityStance) -> Self
Create a new security configuration.
The stance argument specifies the high-level security stance. If your program will be run by a trusted user, they should be able to control the setting through a command-line argument or something comparable.
Even if there is a request to enable known-insecure features, however, such a request might be overridden by other mechanisms. In particular, if the environment variable TECTONIC_UNTRUSTED_MODE is set to any value, insecure features will always be disabled regardless of the user-level setting. Other mechanisms for disabling known-insecure features may be added in the future.
pub fn allow_shell_escape(&self) -> bool
Query whether the shell-escape TeX engine feature is allowed to be used.
pub fn allow_extra_search_paths(&self) -> bool
Query whether we’re allowed to specify extra paths to read files from.
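An added, standalone model of the precedence described for new() and the two query methods (not Tectonic's own code). The Stance variant names, the SettingsModel type, the resolve helper and the choice to drive both queries from a single flag are assumptions made for illustration.

```rust
use std::env;
use std::ffi::OsString;

/// Hypothetical stand-in for SecurityStance; the variant names are assumed.
#[derive(Clone, Copy, Debug, PartialEq)]
pub enum Stance {
    DisableInsecures,
    MaybeAllowInsecures,
}

/// Model of the settings type. The field is private, so callers cannot
/// construct a value that skips the environment check.
#[derive(Clone, Debug)]
pub struct SettingsModel {
    disable_insecures: bool,
}

impl SettingsModel {
    /// The only public constructor: it always consults the environment.
    pub fn new(stance: Stance) -> Self {
        Self::resolve(stance, env::var_os("TECTONIC_UNTRUSTED_MODE"))
    }

    /// Pure precedence logic, split out (an assumption of this model) so it
    /// can be tested without mutating the process environment.
    fn resolve(stance: Stance, untrusted_mode: Option<OsString>) -> Self {
        // "Set to any value": presence alone decides. var_os() still returns
        // Some for an empty or non-UTF-8 value, whereas env::var() returns
        // Err for non-UTF-8 data and an is_ok() check would fail open.
        let disable_insecures =
            untrusted_mode.is_some() || stance == Stance::DisableInsecures;
        SettingsModel { disable_insecures }
    }

    pub fn allow_shell_escape(&self) -> bool {
        !self.disable_insecures
    }

    pub fn allow_extra_search_paths(&self) -> bool {
        !self.disable_insecures
    }
}

fn main() {
    let settings = SettingsModel::new(Stance::MaybeAllowInsecures);
    println!("shell-escape allowed: {}", settings.allow_shell_escape());
}
```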
Trait Implementations
impl Clone for SecuritySettings
fn clone(&self) -> SecuritySettings
fn clone_from(&mut self, source: &Self)