Privilege Separation for Rust
This crate is experimental and a work in progress.
Minimum Rust version
This crate uses const generics and requires Rust 1.51 or later.
TODO
Many things, including:
- Improve documentation and rustdoc.
- `process`:
  - Allow spawning multiple processes of the same child (not really needed with tokio).
  - Improve naming of structs.
  - Add support for OS-specific sandboxing (e.g. OpenBSD `pledge(2)`).
  - Add support for running privileged operations in a child before the privilege drop.
  - Help get `ancillary` (the unstable `std::os::unix::net` ancillary-data API used to pass file descriptors over Unix sockets) into stable.
  - Add support for nightly.
- `log`:
  - Improve async logging and lazy initialization of log messages.
- Write more tests to improve code coverage.
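The `process` items above (spawn a worker, drop its privileges, do privileged work on its behalf) describe the classic privilege-separation pattern. The following is an added example and not this crate's code: a privileged parent that re-executes itself as a worker, optionally via `CommandExt::uid`/`gid`, and brokers a narrow, allowlisted set of operations for it over the child's stdin/stdout pipes. It uses only the standard library; the file names in `ALLOWED`, the `/etc/myapp` config directory and the `READ`/`QUIT` wire format are assumptions made for the example.

```rust
// Added example, not this crate's code: a minimal privilege-separation broker
// built on std alone. The privileged parent re-executes itself as a worker
// (optionally setuid/setgid via CommandExt) and answers the worker's requests
// over the child's stdin/stdout pipes, checking each one against an allowlist.
use std::env;
use std::io::{self, Read, Write};
use std::os::unix::process::CommandExt;
use std::process::{Child, Command, Stdio};

/// Files the broker will read on the worker's behalf (assumed names). The
/// worker may only name one of these, never an arbitrary path.
const ALLOWED: &[&str] = &["app.conf", "tls.pem"];

#[derive(Debug, PartialEq)]
pub enum Response { Data(Vec<u8>), Denied, Bye }

/// u32 big-endian length prefix; an oversized frame is rejected before allocation.
pub fn write_frame<W: Write>(w: &mut W, payload: &[u8]) -> io::Result<()> {
    if payload.len() > u32::MAX as usize {
        return Err(io::Error::new(io::ErrorKind::InvalidInput, "frame too large"));
    }
    w.write_all(&(payload.len() as u32).to_be_bytes())?;
    w.write_all(payload)?;
    w.flush()
}
pub fn read_frame<R: Read>(r: &mut R, max: usize) -> io::Result<Vec<u8>> {
    let mut hdr = [0u8; 4];
    r.read_exact(&mut hdr)?;
    let len = u32::from_be_bytes(hdr) as usize;
    if len > max {
        return Err(io::Error::new(io::ErrorKind::InvalidData, "frame exceeds limit"));
    }
    let mut buf = vec![0u8; len];
    r.read_exact(&mut buf)?;
    Ok(buf)
}

/// Policy on the privileged side. Requests are `READ <name>` or `QUIT`; anything
/// unparseable, any name containing '/', and any name off the allowlist is refused.
pub fn handle_request(raw: &[u8], config_dir: &str) -> Response {
    let text = std::str::from_utf8(raw).unwrap_or("");
    if text == "QUIT" {
        return Response::Bye;
    }
    match text.strip_prefix("READ ") {
        Some(n) if !n.contains('/') && ALLOWED.contains(&n) => {
            std::fs::read(format!("{}/{}", config_dir, n)).map_or(Response::Denied, Response::Data)
        }
        _ => Response::Denied,
    }
}
pub fn encode_response(resp: &Response) -> Vec<u8> {
    match resp {
        Response::Data(d) => [&[b'D'][..], d.as_slice()].concat(),
        Response::Denied => vec![b'X'],
        Response::Bye => vec![b'B'],
    }
}
pub fn decode_response(raw: &[u8]) -> Option<Response> {
    match raw.split_first()? {
        (b'D', rest) => Some(Response::Data(rest.to_vec())),
        (b'X', _) => Some(Response::Denied),
        (b'B', _) => Some(Response::Bye),
        _ => None,
    }
}

/// Privileged parent loop: serve requests until the worker says QUIT.
pub fn serve<R: Read, W: Write>(from_worker: &mut R, to_worker: &mut W, dir: &str) -> io::Result<()> {
    loop {
        let resp = handle_request(&read_frame(from_worker, 1024)?, dir);
        write_frame(to_worker, &encode_response(&resp))?;
        if resp == Response::Bye {
            return Ok(());
        }
    }
}
/// Unprivileged worker: talks to the broker over its own stdin/stdout.
pub fn worker_main() -> io::Result<()> {
    let (mut from_parent, mut to_parent) = (io::stdin(), io::stdout());
    write_frame(&mut to_parent, b"READ app.conf")?;
    eprintln!("worker got {:?}", decode_response(&read_frame(&mut from_parent, 1 << 20)?));
    write_frame(&mut to_parent, b"QUIT")?;
    read_frame(&mut from_parent, 16).map(drop)
}
/// Re-exec this binary as the worker. With `drop_to = Some((uid, gid))` std calls
/// setgid/setuid in the child before exec; without root, spawn() fails with EPERM
/// rather than silently keeping privileges.
pub fn spawn_worker(drop_to: Option<(u32, u32)>) -> io::Result<Child> {
    let mut cmd = Command::new(env::current_exe()?);
    cmd.arg("--worker").stdin(Stdio::piped()).stdout(Stdio::piped());
    if let Some((uid, gid)) = drop_to {
        cmd.uid(uid).gid(gid);
    }
    cmd.spawn()
}
fn main() -> io::Result<()> {
    if env::args().any(|a| a == "--worker") {
        return worker_main();
    }
    let mut child = spawn_worker(None)?; // Some((65534, 65534)) when run as root
    let (mut to_w, mut from_w) = (child.stdin.take().unwrap(), child.stdout.take().unwrap());
    serve(&mut from_w, &mut to_w, "/etc/myapp")?; // config_dir is assumed
    child.wait().map(drop)
}
```

Two caveats worth knowing when building on this. First, the example talks over stdin/stdout pipes rather than a socketpair because passing an already-open file descriptor to the worker needs the ancillary-data API that the TODO list is waiting on; the broker therefore returns file contents, not descriptors. Second, std performs the `gid()`/`uid()` drop in the forked child before it runs any `pre_exec` closure, so the "privileged operation in the child before privdrop" item cannot be expressed with `uid()` plus `pre_exec`: the privileged step and the subsequent `setgid`/`setuid` calls both have to be done by hand inside `pre_exec` (which needs the `libc` crate), or the privileged work has to stay in the parent, as it does here.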
Copyright and license
Licensed under an OpenBSD-ISC-style license, see LICENSE for details.