Aviram Hassan (Oct 26 2022 at 07:49): Aviram Hassan (Oct 26 2022 at 07:49):Hey all, just stumbled upon cap-std - it looks great!
I have a use case that might be a bit unique.
I want to access paths as if I'm running from a specific process. Right now we do it by accessing the process' /proc/{pid}/root then .joining the path.
We now came across an issue where a path there contains an absolute symlink, which ofc leads us to our own root.
I would want the symlink to be resolved as if I'm chrooted there, is this possible using cap-std?
Aviram Hassan (Oct 26 2022 at 08:38):okay, just tested it, I get permission denied.. any recommendation on another crate/api to use ?
Dan Gohman (Oct 28 2022 at 15:43):I don't know of any crates that do this.
Dan Gohman (Oct 28 2022 at 15:43):I have heard from other cap-std users that such a features might be useful, though, and have thought a bit about how it might work. I expect it would look like a new RootDir type, that works like Dir except that it would support absolute paths by resolving them relative to the base.
Charlie Barto (Nov 28 2022 at 11:06):it might need to be more complex, /proc/pid/root is not quite a normal symlink, since when traversing it you can see stuff like mounts that might not be in the same namespace as you
Last updated: Oct 23 2024 at 20:03 UTC