mirrors/v
1
0
Fork 0
mirror of https://github.com/vlang/v.git synced 2025-09-14 23:12:33 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions 12
v/vlib/os
History
Turiiya e465f7490c
tests: cleanup legacy temp path (#19716)
2023-10-31 15:16:19 +02:00
..
bare
cmdline
filelock
font all: 2023 copyright 2023-03-28 22:55:57 +02:00
notify all: make all struct C.XYZ -> pub struct C.XYZ (#19651) 2023-10-25 15:01:50 +03:00
args.v all: 2023 copyright 2023-03-28 22:55:57 +02:00
const.v
const_nix.c.v
const_windows.c.v
debugger_darwin.c.v os: add #include <sys/types.h> to debugger_darwin.c.v, to fix bootstrapping on macOS <= 11 (#17446) 2023-03-01 00:06:12 +02:00
debugger_default.c.v
debugger_freebsd.c.v ci: fix bootstrapping on macos/freebsd etc 2023-02-21 12:30:35 +02:00
debugger_linux.c.v ci: fix bootstrapping on macos/freebsd etc 2023-02-21 12:30:35 +02:00
debugger_windows.c.v ci: fix bootstrapping on macos/freebsd etc 2023-02-21 12:30:35 +02:00
dir_expansions_test.v
environment.c.v vlib: update doc comments (#19231) 2023-08-30 08:50:00 +03:00
environment.js.v vlib: update doc comments (#19231) 2023-08-30 08:50:00 +03:00
environment_test.v
fd.c.v
file.c.v all: fix typos (#19634) 2023-10-23 21:21:15 +03:00
file.js.v
file_test.v tests: cleanup legacy temp path (#19716) 2023-10-31 15:16:19 +02:00
filepath.v all: fix typos (#19634) 2023-10-23 21:21:15 +03:00
filepath_test.v
filepath_windows.v
find_abs_path_of_executable_test.v tests: cleanup legacy temp path (#19716) 2023-10-31 15:16:19 +02:00
glob_test.v
inode.c.v all: 2023 copyright 2023-03-28 22:55:57 +02:00
inode_test.v tests: cleanup legacy temp path (#19716) 2023-10-31 15:16:19 +02:00
open_uri_default.c.v vlib: update doc comments (#19231) 2023-08-30 08:50:00 +03:00
open_uri_windows.c.v vlib: update doc comments (#19231) 2023-08-30 08:50:00 +03:00
os.c.v all: fix typos (#19634) 2023-10-23 21:21:15 +03:00
os.js.v
os.v all: fix typos (#19634) 2023-10-23 21:21:15 +03:00
os_android_outside_termux.c.v all: make all struct C.XYZ -> pub struct C.XYZ (#19651) 2023-10-25 15:01:50 +03:00
os_darwin.c.v all: 2023 copyright 2023-03-28 22:55:57 +02:00
os_js.js.v os: return the long path for os.temp_dir() on windows, even for folders like c:\someth~1 (#17623) 2023-03-14 00:51:52 +02:00
os_linux.c.v all: 2023 copyright 2023-03-28 22:55:57 +02:00
os_nix.c.v checker: disallow struct int to ptr outside unsafe (#17923) 2023-04-13 07:38:21 +02:00
os_structs_dirent_default.c.v all: make all struct C.XYZ -> pub struct C.XYZ (#19651) 2023-10-25 15:01:50 +03:00
os_structs_sigaction_default.c.v all: make all struct C.XYZ -> pub struct C.XYZ (#19651) 2023-10-25 15:01:50 +03:00
os_structs_stat_default.c.v all: make all struct C.XYZ -> pub struct C.XYZ (#19651) 2023-10-25 15:01:50 +03:00
os_structs_stat_linux.c.v all: make all struct C.XYZ -> pub struct C.XYZ (#19651) 2023-10-25 15:01:50 +03:00
os_structs_utsname_default.c.v all: make all struct C.XYZ -> pub struct C.XYZ (#19651) 2023-10-25 15:01:50 +03:00
os_test.v tests: cleanup legacy temp path (#19716) 2023-10-31 15:16:19 +02:00
os_windows.c.v all: make all struct C.XYZ -> pub struct C.XYZ (#19651) 2023-10-25 15:01:50 +03:00
password_nix.c.v os,term.termios: add termios.set_state/2, state.disable_echo/0, use them in os.input_password, to fix v -os wasm32_emscripten examples/2048/ 2023-07-31 10:28:45 +03:00
password_windows.c.v clipboard: fix v -cstrict -cc gcc vlib/clipboard/clipboard_test.v 2023-10-15 21:21:29 +03:00
process.c.v
process.js.v
process.v os: implement Process.set_work_folder/0 to set the initial working folder of the new child process (#17946) 2023-04-13 14:48:32 +03:00
process_nix.c.v all: fix typos (#19634) 2023-10-23 21:21:15 +03:00
process_test.v tests: cleanup legacy temp path (#19716) 2023-10-31 15:16:19 +02:00
process_windows.c.v ci: vfmt vlib/os/process_windows.c.v and vlib/os/os.c.v 2023-10-16 01:48:35 +03:00
README.md os: update TOCTOU example in readme, to improve readability of the module docs on mobile (#19255) 2023-09-01 16:09:04 +03:00
signal.c.v os: add a convenient way to ignore certain system signals (#19639) 2023-10-25 17:15:26 +03:00
signal.js.v os: return the long path for os.temp_dir() on windows, even for folders like c:\someth~1 (#17623) 2023-03-14 00:51:52 +02:00
signal.v Revert "os: add a convenient way to ignore certain system signals (#19632)" (#19637) 2023-10-24 03:06:57 +03:00
signal_darwin.c.v os: add a convenient way to ignore certain system signals (#19639) 2023-10-25 17:15:26 +03:00
signal_default.c.v ci: fix bootstrapping of signal_default.c.v on macos 2023-10-25 22:26:52 +03:00
signal_test.v os: add a convenient way to ignore certain system signals (#19639) 2023-10-25 17:15:26 +03:00
signal_windows.c.v os: add a convenient way to ignore certain system signals (#19639) 2023-10-25 17:15:26 +03:00

README.md

Description:

os provides common OS/platform independent functions for accessing command line arguments, reading/writing files, listing folders, handling processes etc.

Security advice related to TOCTOU attacks

A few os module functions can lead to the TOCTOU vulnerability if used incorrectly. TOCTOU (Time-of-Check-to-Time-of-Use problem) can occur when a file, folder or similar is checked for certain specifications (e.g. read, write permissions) and a change is made afterwards. In the time between the initial check and the edit, an attacker can then cause damage. The following example shows an attack strategy on the left and an improved variant on the right so that TOCTOU is no longer possible.

Example Hint: os.create() opens a file in write-only mode

Possibility for TOCTOU attack TOCTOU not possible 
if os.is_writable("file") {
    // time to make a quick attack
    // (e.g. symlink /etc/passwd to `file`)

    mut f := os.create('path/to/file')!
    // do something with file
    f.close()
}

mut f := os.create('path/to/file') or {
    println("file not writable")
}

// file is locked
// do something with file

f.close()

Proven affected functions
The following functions should be used with care and only when used correctly.

  • os.is_readable()
  • os.is_writable()
  • os.is_executable()
  • os.is_link()