about summary refs log tree commit diff
path: root/library/std/src/sys/windows/os.rs
AgeCommit message (Collapse)AuthorLines
2021-12-09Rollup merge of #89999 - talagrand:GetTempPath2, r=m-ou-seMatthias Krüger-1/+1
Update std::env::temp_dir to use GetTempPath2 on Windows when available. As a security measure, Windows 11 introduces a new temporary directory API, GetTempPath2. When the calling process is running as SYSTEM, a separate temporary directory will be returned inaccessible to non-SYSTEM processes. For non-SYSTEM processes the behavior will be the same as before. This can help mitigate against attacks such as this one: https://medium.com/csis-techblog/cve-2020-1088-yet-another-arbitrary-delete-eop-a00b97d8c3e2 Compatibility risk: Software which relies on temporary files to communicate between SYSTEM and non-SYSTEM processes may be affected by this change. In many cases, such patterns may be vulnerable to the very attacks the new API was introduced to harden against. I'm unclear on the Rust project's tolerance for such change-of-behavior in the standard library. If anything, this PR is meant to raise awareness of the issue and hopefully start the conversation. How tested: Taking the example code from the documentation and running it through psexec (from SysInternals) on Win10 and Win11. On Win10: C:\test>psexec -s C:\test\main.exe <...> Temporary directory: C:\WINDOWS\TEMP\ On Win11: C:\test>psexec -s C:\test\main.exe <...> Temporary directory: C:\Windows\SystemTemp\
2021-10-22Add comment documenting why we can't use a simpler solutionSteven-0/+4
See #90144 for context. r? @joshtriplett
2021-10-18Update std::env::temp_dir to use GetTempPath2 on Windows when available.Eugene Talagrand-1/+1
As a security measure, Windows 11 introduces a new temporary directory API, GetTempPath2. When the calling process is running as SYSTEM, a separate temporary directory will be returned inaccessible to non-SYSTEM processes. For non-SYSTEM processes the behavior will be the same as before.
2021-08-19I/O safety.Dan Gohman-1/+1
Introduce `OwnedFd` and `BorrowedFd`, and the `AsFd` trait, and implementations of `AsFd`, `From<OwnedFd>` and `From<T> for OwnedFd` for relevant types, along with Windows counterparts for handles and sockets. Tracking issue: - <https://github.com/rust-lang/rust/issues/87074> RFC: - <https://github.com/rust-lang/rfcs/blob/master/text/3128-io-safety.md>
2021-07-05Make `getenv` return an Option instead of a ResultAris Merchant-14/+5
2020-08-31std: move "mod tests/benches" to separate filesLzu Tao-17/+3
Also doing fmt inplace as requested.
2020-07-27mv std libs to library/mark-0/+347
generated by cgit-pink 1.4.1-3-g733a5 (git 2.37.1) at 2026-03-01 14:06:26 +0000