Current state
Both capsec-std and capsec-tokio wrap the most common I/O functions, but several std and tokio functions are missing from both crates. Since capsec-tokio mirrors capsec-std, additions should be made to both in parallel.
Missing filesystem wrappers
These exist in std::fs / tokio::fs but are not wrapped:
| Function | Permission | Notes |
|---|---|---|
| symlink_metadata | FsRead | Reads metadata without following symlinks |
| canonicalize | FsRead | Resolves symlinks to canonical path |
| read_link | FsRead | Reads the target of a symlink |
| try_exists | FsRead | Checks if a path exists (tokio only) |
| hard_link | FsWrite | Creates a hard link |
| set_permissions | FsWrite | Changes file permissions |
| create_dir | FsWrite | Creates a single directory (not recursive) |
| remove_dir | FsWrite | Removes an empty directory |
Missing network wrappers
| Function | Permission | Notes |
|---|---|---|
| UdpSocket::connect | NetConnect | Connects a UDP socket to a remote address (tokio only — sets default send target) |
Not wrapping (intentional)
| Function | Why |
|---|---|
| env::var (async) | Env vars are not async — no tokio equivalent |
| OpenOptions | Builder pattern is hard to gate meaningfully; users can use open()/create() |
| tokio::net::UnixStream / UnixListener | Platform-specific (unix only), unclear permission mapping |
| tokio::spawn | Task spawning is not I/O authority in the capsec model |
Approach
Each new function follows the existing pattern:
- capsec-std: `let _proof: Cap<P> = cap.cap_ref();` then delegate to `std::*`
- capsec-tokio: `{ let _proof: Cap<P> = cap.cap_ref(); }` then delegate to `tokio::*` with `.await`
Add to both crates in the same PR to keep them in sync.
Priority
Nice-to-have for v0.2. The current coverage handles the common cases. These are long-tail functions that most users won't need immediately.
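The capsec-std pattern from the Approach section, applied to three of the missing filesystem wrappers, as an added example that is not capsec's own code. Only `Cap<P>`, `cap_ref()`, `FsRead` and `FsWrite` are names from the issue; the type definitions, the `Has` trait and `mint_for_demo` are hypothetical stand-ins so the sketch compiles with std alone.

```rust
use std::marker::PhantomData;
use std::path::Path;
use std::{fs, io};

// Stand-ins for the capsec types (assumed shapes, not the crate's definitions).
pub struct FsRead;
pub struct FsWrite;
pub struct Cap<P>(PhantomData<P>);

// Hypothetical trait: "the holder can produce proof of permission P".
pub trait Has<P> {
    fn cap_ref(&self) -> Cap<P>;
}
impl<P> Has<P> for Cap<P> {
    fn cap_ref(&self) -> Cap<P> { Cap(PhantomData) }
}
impl<P> Cap<P> {
    // Hypothetical constructor, public only so the demo can mint tokens.
    pub fn mint_for_demo() -> Self { Cap(PhantomData) }
}

// Wrappers from the issue's tables: obtain the proof, then delegate to std::fs.
pub fn symlink_metadata(path: impl AsRef<Path>, cap: &impl Has<FsRead>) -> io::Result<fs::Metadata> {
    let _proof: Cap<FsRead> = cap.cap_ref();
    fs::symlink_metadata(path)
}
pub fn create_dir(path: impl AsRef<Path>, cap: &impl Has<FsWrite>) -> io::Result<()> {
    let _proof: Cap<FsWrite> = cap.cap_ref();
    fs::create_dir(path)
}
pub fn remove_dir(path: impl AsRef<Path>, cap: &impl Has<FsWrite>) -> io::Result<()> {
    let _proof: Cap<FsWrite> = cap.cap_ref();
    fs::remove_dir(path)
}

// Exercises the wrappers in a scratch directory; returns (existed, removed).
pub fn demo() -> io::Result<(bool, bool)> {
    let (read, write) = (Cap::<FsRead>::mint_for_demo(), Cap::<FsWrite>::mint_for_demo());
    let dir = std::env::temp_dir().join(format!("capsec_demo_{}", std::process::id()));
    create_dir(&dir, &write)?;
    let existed = symlink_metadata(&dir, &read)?.is_dir();
    // create_dir(&dir, &read) is rejected at compile time: Cap<FsRead> is not Has<FsWrite>.
    remove_dir(&dir, &write)?;
    Ok((existed, symlink_metadata(&dir, &read).is_err()))
}

fn main() { println!("{:?}", demo()); }
```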