konsumer
commented
3 weeks ago This may be resolved with discussion at zen-fs#124
Open konsumer opened 1 month ago
konsumer
commented
3 weeks ago This may be resolved with discussion at zen-fs#124
konsumer
commented
2 weeks ago I may just make my own fs-like to handle this. I have already been using emscripten's FS directly, to provide fs for another WASI (shared only between the 2, but not other instances) and it works fine. filer is also maybe a better fit, since it does not use a global fs.
Since we can't really control that
/is root, and it's memfs in zenfs, it would be cool to be able to sort of "chroot" (lock access to a specific directory.) This would allow mounting/zipthen switching/to/zip, so/cyber.txtis a file inside the zip.I think this could be done by translating any directories to prepend
this.rootDirand then allow setting that.Normally, I would make sure that users can't do things like
/somedir/../../.., but for this case it's not really important. It's sort of a "light sandbox" since you can just not mount things you don't want the user to access, still maybe a "nice to have" to make sure it can't access anything outside of/.