Struct fs_mistrust::Verifier

pub struct Verifier<'a> { /* private fields */ }

An object used to perform a single check.

A Verifier is used when Mistrust::check_directory and Mistrust::make_directory are not sufficient for your needs.

Implementations

impl<'a> Verifier<'a>

pub fn require_file(self) -> Self

Configure this Verifier to require that all paths it checks be files (not directories).

pub fn require_directory(self) -> Self

Configure this Verifier to require that all paths it checks be directories.

pub fn permit_all_object_types(self) -> Self

Configure this Verifier to allow the paths that it checks to be filesystem objects of any type.

By default, the final path (after resolving all links) must be a directory or a regular file, not (for example) a block device or a named pipe.

pub fn permit_readable(self) -> Self

Configure this Verifier to permit the target files/directory to be readable by untrusted users.

By default, we assume that the caller wants the target file or directory to be only readable or writable by trusted users. With this flag, we permit the target file or directory to be readable by untrusted users, but not writable.

(Note that we always allow the parent directories of the target to be readable by untrusted users, since their readability does not make the target readable.)

pub fn all_errors(self) -> Self

Tell this Verifier to accumulate as many errors as possible, rather than stopping at the first one.

If a single error is found, that error will be returned. Otherwise, the resulting error type will be Error::Multiple.

Example

if let Err(e) = Mistrust::new().verifier().all_errors().check("/home/gardenGnostic/.gnupg/") {
   for error in e.errors() {
      println!("{}", e)
   }
}

pub fn check_content(self) -> Self

Configure this verifier so that, after checking the directory, check all of its contents.

Symlinks are not permitted; both files and directories are allowed. This option implies require_directory(), since only a directory can have contents.

Requires that the walkdir feature is enabled.

pub fn check<P: AsRef<Path>>(self, path: P) -> Result<()>

Check whether the file or directory at path conforms to the requirements of this Verifier and the Mistrust that created it.

pub fn make_directory<P: AsRef<Path>>(self, path: P) -> Result<()>

Check whether path is a valid directory, and create it if it doesn’t exist.

Returns Ok if the directory already existed or if it was just created, and it conforms to the requirements of this Verifier and the Mistrust that created it.

Return an error if:

• there was a permissions or ownership problem in the path or any of its ancestors,
• there was a problem when creating the directory
• after creating the directory, we found that it had a permissions or ownership problem.

pub fn secure_dir<P: AsRef<Path>>(self, path: P) -> Result<CheckedDir>

Check whether path is a directory conforming to the requirements of this Verifier and the Mistrust that created it.

If it is, then return a new CheckedDir that can be used to securely access the contents of this directory.

pub fn make_secure_dir<P: AsRef<Path>>(self, path: P) -> Result<CheckedDir>

Check whether path is a directory conforming to the requirements of this Verifier and the Mistrust that created it.

If successful, then return a new CheckedDir that can be used to securely access the contents of this directory.

Trait Implementations

impl<'a> Clone for Verifier<'a>

fn clone(&self) -> Verifier<'a>

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl<'a> Debug for Verifier<'a>

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.