Hey all, just stumbled upon cap-std
- it looks great!
I have a use case that might be a bit unique.
I want to access paths as if I'm running from a specific process. Right now we do it by accessing the process' /proc/{pid}/root
then .join
ing the path.
We now came across an issue where a path there contains an absolute symlink, which ofc leads us to our own root.
I would want the symlink to be resolved as if I'm chrooted there, is this possible using cap-std
?
okay, just tested it, I get permission denied.. any recommendation on another crate/api to use ?
I don't know of any crates that do this.
I have heard from other cap-std users that such a features might be useful, though, and have thought a bit about how it might work. I expect it would look like a new RootDir
type, that works like Dir
except that it would support absolute paths by resolving them relative to the base.
it might need to be more complex, /proc/pid/root
is not quite a normal symlink, since when traversing it you can see stuff like mounts that might not be in the same namespace as you
Last updated: Dec 23 2024 at 12:05 UTC