Documentation
¶
Overview ¶
Package pathrs provides wrappers around filepath-securejoin to add the minimum set of features needed from libpathrs that are not provided by filepath-securejoin, with the eventual goal being that these can be used to ease the transition by converting them stubs when enabling libpathrs builds.
Index ¶
- func CreateInRoot(root, subpath string, flags int, fileMode uint32) (*os.File, error)
- func IsLexicallyInRoot(root, path string) bool
- func MkdirAllInRoot(root, unsafePath string, mode os.FileMode) error
- func MkdirAllInRootOpen(root, unsafePath string, mode os.FileMode) (*os.File, error)
- func OpenInRoot(root, subpath string, flags int) (*os.File, error)
- func ProcPidOpen(pid int, subpath string, flags int) (*os.File, error)
- func ProcSelfOpen(subpath string, flags int) (*os.File, error)
- func ProcThreadSelfOpen(subpath string, flags int) (_ *os.File, _ procfs.ProcThreadSelfCloser, Err error)
- func Reopen(file *os.File, flags int) (*os.File, error)
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func CreateInRoot ¶
CreateInRoot creates a new file inside a root (as well as any missing parent directories) and returns a handle to said file. This effectively has open(O_CREAT|O_NOFOLLOW) semantics. If you want the creation to use O_EXCL, include it in the passed flags. The fileMode argument uses unix.* mode bits, *not* os.FileMode.
func IsLexicallyInRoot ¶
IsLexicallyInRoot is shorthand for strings.HasPrefix(path+"/", root+"/"), but properly handling the case where path or root have a "/" suffix.
NOTE: The return value only make sense if the path is already mostly cleaned (i.e., doesn't contain "..", ".", nor unneeded "/"s).
func MkdirAllInRoot ¶
MkdirAllInRoot is a wrapper around MkdirAllInRootOpen which closes the returned handle, for callers that don't need to use it.
func MkdirAllInRootOpen ¶
MkdirAllInRootOpen attempts to make
path, _ := securejoin.SecureJoin(root, unsafePath) os.MkdirAll(path, mode) os.Open(path)
safer against attacks where components in the path are changed between SecureJoin returning and MkdirAll (or Open) being called. In particular, we try to detect any symlink components in the path while we are doing the MkdirAll.
NOTE: If unsafePath is a subpath of root, we assume that you have already called SecureJoin and so we use the provided path verbatim without resolving any symlinks (this is done in a way that avoids symlink-exchange races). This means that the path also must not contain ".." elements, otherwise an error will occur.
This uses (pathrs-lite).MkdirAllHandle under the hood, but it has special handling if unsafePath has already been scoped within the rootfs (this is needed for a lot of runc callers and fixing this would require reworking a lot of path logic).
func OpenInRoot ¶
OpenInRoot opens the given path inside the root with the provided flags. It is effectively shorthand for [securejoin.OpenInRoot] followed by [securejoin.Reopen].
func ProcPidOpen ¶
ProcPidOpen is a wrapper around procfs.Handle.OpenPid and pathrs.Reopen, to let you one-shot open a procfs file with the given flags.
func ProcSelfOpen ¶
ProcSelfOpen is a wrapper around procfs.Handle.OpenSelf and pathrs.Reopen, to let you one-shot open a procfs file with the given flags.
func ProcThreadSelfOpen ¶
func ProcThreadSelfOpen(subpath string, flags int) (_ *os.File, _ procfs.ProcThreadSelfCloser, Err error)
ProcThreadSelfOpen is a wrapper around procfs.Handle.OpenThreadSelf and pathrs.Reopen, to let you one-shot open a procfs file with the given flags. The returned procfs.ProcThreadSelfCloser needs the same handling as when using pathrs-lite.
Types ¶
This section is empty.
Source Files