Struct fs_mistrust::MistrustBuilder

source ·

pub struct MistrustBuilder { /* private fields */ }

Expand description

Builder for Mistrust.

Implementations§

source §

impl MistrustBuilder

source

pub fn ignore_prefix<VALUE: Into<PathBuf>>(&mut self, value: VALUE) -> &mut Self

If the user called MistrustBuilder::ignore_prefix, what did they give us?

(This is stored in canonical form.)

source

pub fn trust_user<VALUE: Into<TrustedUser>>( &mut self, value: VALUE ) -> &mut Self

Available on target_family="unix" and non-iOS and non-Android only.

What user ID do we trust by default (if any?)

source

pub fn trust_group<VALUE: Into<TrustedGroup>>( &mut self, value: VALUE ) -> &mut Self

Available on target_family="unix" and non-iOS and non-Android only.

What group ID do we trust by default (if any?)

source

pub fn build(&self) -> Result<Mistrust, Error>

Builds a new Mistrust.

§Errors

If a required field has not been initialized.

source §

impl MistrustBuilder

source

pub fn trust_admin_only(&mut self) -> &mut Self

Available on target_family="unix" and non-iOS and non-Android only.

Configure this Mistrust to trust only the admin (root) user.

By default, both the currently running user and the root user will be trusted.

This option disables the default group-trust behavior as well.

source

pub fn trust_no_group_id(&mut self) -> &mut Self

Available on target_family="unix" and non-iOS and non-Android only.

Configure this Mistrust to trust no groups at all.

By default, we trust the group (if any) with the same name as the current user if we are currently running as a member of that group.

With this option set, no group is trusted, and any group-readable or group-writable objects are treated the same as world-readable and world-writable objects respectively.

source

pub fn dangerously_trust_everyone(&mut self) -> &mut Self

Configure this Mistrust to trust every user and every group.

With this option set, every file and directory is treated as having valid permissions: even world-writeable files are allowed. File-type checks are still performed.

This option is mainly useful to handle cases where you want to make these checks optional, and still use CheckedDir without having to implement separate code paths for the “checking on” and “checking off” cases.

Setting this flag will supersede any value set in the environment.

source

pub fn remove_ignored_prefix(&mut self) -> &mut Self

Remove any ignored prefix, restoring this MistrustBuilder to a state as if MistrustBuilder::ignore_prefix had not been called.

source

pub fn controlled_by_env_var(&mut self, var: &str) -> &mut Self

Configure this MistrustBuilder to become disabled based on the environment variable var.

(If the variable is “false”, “no”, or “0”, it will be treated as false; other values are treated as true.)

If var is not set, then we’ll look at $FS_MISTRUST_DISABLE_PERMISSIONS_CHECKS.

source

pub fn controlled_by_env_var_if_not_set(&mut self, var: &str) -> &mut Self

Like controlled_by_env_var, but do not override any previously set environment settings.

(The arti-client wants this, so that it can inform a caller-supplied MistrustBuilder about its Arti-specific env var, but only if the caller has not already provided a variable of its own. Other code embedding fs-mistrust may want it too.)

source