Make visudo into a forbid(unsafe_code) module. #859
Comments
Is https://docs.rs/tempfile/latest/tempfile/fn.tempdir.html a good replacement? It's a small crate.
I'd lean to use an std function instead (I'm not sure if https://doc.rust-lang.org/std/env/fn.temp_dir.html does what we want). Adding a dependency that has
I have mis-copied before, I meant the link above I provided. You can use a std function, though I didn't find a way to use mkdtemp in
yeah we would have to come up with a random name for the directory ourselves and I'm not sure what would be the proper requirements for that. Maybe we could "just" move the
I agree that just incorporating an extra dependency that uses the same kind of code would just be "sweeping it under the rug". One easy way would be to move it to
the issue with So we could, in principle, call I think moving this wrapper to
The advantage of just moving it to
Don't think it's a good argument, but it's up to the maintainer.
why?
Just because But I also don't see any potential issue moving it to
Yes, I agree that using the same function as On the other hand, if
visudo uses unsafe code at two spots in the fn create_temporary_dir. While visudo isn't part of the security critical boundary, it would be nice to remove them (or move them into the system module).
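
The thread raises the option of a std-only replacement in which the directory name has to be generated by hand. The sketch below is an added example of that approach, not sudo-rs code and not necessarily the resolution the project chose. The names `tmpdir` and `create_private_tempdir` are hypothetical, and it assumes a Unix system with `/dev/urandom`.

```rust
// Added example, not sudo-rs code. All names below are hypothetical.
#[forbid(unsafe_code)]
mod tmpdir {
    use std::fs::{DirBuilder, File};
    use std::io::{self, Read};
    use std::os::unix::fs::DirBuilderExt;
    use std::path::{Path, PathBuf};

    /// 8 bytes from the kernel CSPRNG, hex-encoded, as the unpredictable suffix.
    /// Assumption: /dev/urandom is available.
    fn random_suffix() -> io::Result<String> {
        let mut buf = [0u8; 8];
        File::open("/dev/urandom")?.read_exact(&mut buf)?;
        Ok(buf.iter().map(|b| format!("{:02x}", b)).collect())
    }

    /// Create `<parent>/<prefix><suffix>` with mode 0700 (before umask).
    /// Non-recursive DirBuilder::create maps to mkdir(2), which fails with
    /// EEXIST when the name already exists, even as a symlink, so an entry
    /// planted by another user is never adopted; a new name is tried instead.
    pub fn create_private_tempdir(parent: &Path, prefix: &str) -> io::Result<PathBuf> {
        for _ in 0..16 {
            let path = parent.join(format!("{}{}", prefix, random_suffix()?));
            match DirBuilder::new().mode(0o700).create(&path) {
                Ok(()) => return Ok(path),
                Err(e) if e.kind() == io::ErrorKind::AlreadyExists => continue,
                Err(e) => return Err(e),
            }
        }
        Err(io::Error::new(io::ErrorKind::AlreadyExists, "no free temporary name"))
    }
}

fn main() -> std::io::Result<()> {
    let dir = tmpdir::create_private_tempdir(&std::env::temp_dir(), "visudo-example-")?;
    println!("created {}", dir.display());
    std::fs::remove_dir(&dir)
}
```

The properties that matter are the ones mkdtemp(3) provides: an unpredictable name, atomic creation that fails if the name is taken, and owner-only permissions from the moment the directory exists.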