Documentation
¶
Overview ¶
Package pathutil provides small, security-critical helpers for path confinement and symlink-aware resolution. These primitives are used by multiple packages (resource resolver, sandbox volume validation, file tools, etc.) so they are promoted here to avoid drifting near-identical copies.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func CleanAbs ¶
CleanAbs returns the absolute, cleaned form of path. If the absolute path cannot be determined, it returns the error.
func ResolveDirSymlinks ¶
ResolveDirSymlinks returns the absolute, cleaned path with all directory symlinks resolved. The final path component is left untouched so callers can still enforce O_NOFOLLOW on it. If a directory component does not exist, the original absolute path is returned so the caller can produce a sensible "not found" error.
func WithinRoot ¶
WithinRoot reports whether candidate resolves to a path inside root. Directory symlinks in candidate are resolved before comparison so a symlinked directory outside the workspace cannot bypass confinement; the final component is kept unresolved so symlinks to files inside the workspace are still visible to callers that reject symlink final components separately. The check is separator-aware so "/foo" does not match "/foobar".
If root cannot be symlink-resolved (e.g. it does not exist yet in a test or for a not-yet-created working directory), the comparison falls back to the lexical absolute path, preserving the original sandbox semantics where the resolved re-check was optional.
Types ¶
This section is empty.
Source Files