landlock

Enum Scope

Source 
#[non_exhaustive]
#[repr(u64)]
pub enum Scope {
    AbstractUnixSocket = 1,
    Signal = 2,
}
Expand description

Scope right.

Each variant of Scope is a scope flag. A set of scopes can be created with BitFlags<Scope>.

§Example

use landlock::{ABI, Access, Scope, BitFlags, make_bitflags};

let signal = Scope::Signal;

let signal_set: BitFlags<Scope> = signal.into();

let signal_uds = make_bitflags!(Scope::{Signal | AbstractUnixSocket});

let scope_v6 = Scope::from_all(ABI::V6);

assert_eq!(signal_uds, scope_v6);

§Warning

To avoid unknown restrictions don’t use BitFlags::<Scope>::all() nor BitFlags::ALL, but use a version you tested and vetted instead, for instance Scope::from_all(ABI::V6). Direct use of the BitFlags API is deprecated. See ABI for the rationale and help to test it.

Variants (Non-exhaustive)§

This enum is marked as non-exhaustive
Non-exhaustive enums could have additional variants added in future. Therefore, when matching against variants of non-exhaustive enums, an extra wildcard arm must be added to account for any future variants.
§

AbstractUnixSocket = 1

Restrict from connecting to abstract UNIX sockets created outside the sandbox.

§

Signal = 2

Restrict from sending signals to processes outside the sandbox.

Trait Implementations§

Source§

impl Access for Scope

§Warning

If ABI <= ABI::V5, Scope::from_all() returns an empty BitFlags<AccessScope>, which makes Ruleset::handle_access(AccessScope::from_all(ABI::V5)) return an error.

Source§

fn from_all(abi: ABI) -> BitFlags<Self>

Gets the access rights defined by a specific ABI.
Source§

impl BitAnd for Scope

Source§

type Output = BitFlags<Scope>

The resulting type after applying the & operator.
Source§

fn bitand(self, other: Self) -> Self::Output

Performs the & operation. Read more
Source§

impl BitFlag for Scope

§

fn empty() -> BitFlags<Self>

Create a BitFlags with no flags set (in other words, with a value of 0). Read more
§

fn all() -> BitFlags<Self>

Create a BitFlags with all flags set. Read more
§

fn from_bits(bits: Self::Numeric) -> Result<BitFlags<Self>, FromBitsError<Self>>

Create a BitFlags if the raw value provided does not contain any illegal flags. Read more
§

fn from_bits_truncate(bits: Self::Numeric) -> BitFlags<Self>

Create a BitFlags from an underlying bitwise value. If any invalid bits are set, ignore them. Read more
§

unsafe fn from_bits_unchecked(bits: Self::Numeric) -> BitFlags<Self>

Create a BitFlags unsafely, without checking if the bits form a valid bit pattern for the type. Read more
Source§

impl BitOr for Scope

Source§

type Output = BitFlags<Scope>

The resulting type after applying the | operator.
Source§

fn bitor(self, other: Self) -> Self::Output

Performs the | operation. Read more
Source§

impl BitXor for Scope

Source§

type Output = BitFlags<Scope>

The resulting type after applying the ^ operator.
Source§

fn bitxor(self, other: Self) -> Self::Output

Performs the ^ operation. Read more
Source§

impl Clone for Scope

Source§

fn clone(&self) -> Scope

Returns a copy of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl Debug for Scope

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl Not for Scope

Source§

type Output = BitFlags<Scope>

The resulting type after applying the ! operator.
Source§

fn not(self) -> Self::Output

Performs the unary ! operation. Read more
Source§

impl PartialEq for Scope

Source§

fn eq(&self, other: &Scope) -> bool

Tests for self and other values to be equal, and is used by ==.
1.0.0 · Source§

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.
Source§

impl RawBitFlags for Scope

Source§

const EMPTY: Self::Numeric = {transmute(0x0000000000000000): <scope::Scope as enumflags2::_internal::RawBitFlags>::Numeric}

A value with no bits set.
Source§

const DEFAULT: Self::Numeric = {transmute(0x0000000000000000): <scope::Scope as enumflags2::_internal::RawBitFlags>::Numeric}

The value used by the Default implementation. Equivalent to EMPTY, unless customized.
Source§

const ALL_BITS: Self::Numeric = {transmute(0x0000000000000003): <scope::Scope as enumflags2::_internal::RawBitFlags>::Numeric}

A value with all flag bits set.
Source§

const BITFLAGS_TYPE_NAME: &'static str = "BitFlags<Scope>"

The name of the type for debug formatting purposes. Read more
Source§

type Numeric = u64

The underlying integer type.
Source§

fn bits(self) -> Self::Numeric

Return the bits as a number type.
Source§

impl Copy for Scope

Source§

impl Eq for Scope

Source§

impl StructuralPartialEq for Scope

Auto Trait Implementations§

§

impl Freeze for Scope

§

impl RefUnwindSafe for Scope

§

impl Send for Scope

§

impl Sync for Scope

§

impl Unpin for Scope

§

impl UnwindSafe for Scope

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dst: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dst. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.