Struct fs_mistrust::Mistrust
source · pub struct Mistrust { /* private fields */ }
Expand description
Configuration for verifying that a file or directory is really “private”.
By default, we mistrust everything that we can: we assume that every directory on the filesystem is potentially misconfigured. This object can be used to change that.
Once you have a working Mistrust
, you can call its “check_*
” methods
directly, or use verifier()
to configure a more
complicated check.
See the crate documentation for more information.
§TODO
- support more kinds of trust configuration, including more trusted users, trusted groups, multiple trusted directories, etc?
Implementations§
source§impl Mistrust
impl Mistrust
sourcepub fn builder() -> MistrustBuilder
pub fn builder() -> MistrustBuilder
Return a new MistrustBuilder
.
sourcepub fn new() -> Self
pub fn new() -> Self
Initialize a new default Mistrust
.
By default:
- we will inspect all directories that are used to resolve any path that is checked.
sourcepub fn new_dangerously_trust_everyone() -> Self
pub fn new_dangerously_trust_everyone() -> Self
Construct a new Mistrust
that trusts all users and all groups.
(In effect, this Mistrust
will have all of its permissions checks
disabled, since if all users and groups are trusted, it doesn’t matter
what the permissions on any file and directory are.)
sourcepub fn verifier(&self) -> Verifier<'_>
pub fn verifier(&self) -> Verifier<'_>
Create a new Verifier
with this configuration, to perform a single check.
sourcepub fn check_directory<P: AsRef<Path>>(&self, dir: P) -> Result<()>
pub fn check_directory<P: AsRef<Path>>(&self, dir: P) -> Result<()>
Verify that dir
is a directory that only trusted users can read from,
list the files in, or write to.
If it is, and we can verify that, return Ok(())
. Otherwise, return
the first problem that we encountered when verifying it.
m.check_directory(dir)
is equivalent to
m.verifier().require_directory().check(dir)
. If you need different
behavior, see Verifier
for more options.