'chmod' equivalent in snapshot preview1? #33

titzer · 2021-07-28T04:54:50Z

It appears that snapshot preview 1 does not have a way to change file permissions. This is important functionality for one of my use cases (a compiler that generates executables). This functionality does appear to be planned for the next version of wasi.

Is snapshot preview1 being updated? Is there interest in adding a chmod-like capability?

If so, I would propose a simple fs_chmod(fd: i32, mode: i32) function.

The text was updated successfully, but these errors were encountered:

sunfishcode · 2021-07-28T13:12:48Z

We've have a permissions_set function in the latest proposal, though it's not yet in a published shapshot. It's currently limited to just read/write/execute, as well as a private flag, rather than exposing the Unix user/group/other bits individually. But the upside is that it should be implementable on Windows. Do you think that would be enough for your usecase, or do you need more fine-grained control?

Adding a full chmod is also an option, though it might need to be designed in a way that would allow it to fail if the underlying filesystem doesn't use Unix-style user/group/other.

titzer · 2021-07-28T14:45:19Z

For my use case, just u+x would be enough to limp along, but that feels like it wouldn't be general enough. Designating permission categories user/group/other and failing if one of the categories does not exist would allow an app to at least try setting permissions. Keep in mind there is also the setuid bit, which is esoteric, but useful in some situations.

sunfishcode · 2021-07-28T16:33:57Z

setuid is tricky (even ignoring its long troubled security history), because setuid allows programs to effectively grant the full host-process authority to other programs, and WASI programs may be considered less privileged than the host-process user. There are ways we could model it, such as passing programs an extra handle to represent a "host-process authority" that they'd have to pass into the API to set a setuid bit. But before we start designing something, it'd be good to have specific motivating use cases.

titzer · 2021-07-28T17:03:16Z

I'm happy to leave setuid out of functionality for chmod, as I don't have a use case for it. I just mentioned it for completeness.

This makes a number of changes, to make use of interface-types features such as `expected`, variant types, and resources. The change to use resources in particular means that filesystem functions are now methods of the `descriptor` resource. Since this means renaming everything, take this opportunity to introduce a new naming conventions, with `_at` being used for functions that take dirfd+path arguments. This also eliminates the `rights` concept what was present in earlier versions of WASI, has has discussed in WebAssembly#31. This required adding new flags to `open_at`, so while here, this also adds basic `chmod`-like support, as discussed in WebAssembly#33. And, this removes support for readdir seeking (seekdir/telldir), as discussed in WebAssembly#7. And it adds a fifo file type and a more general socket type, as discussed in

This makes a number of changes, to make use of interface-types features such as expected, variant types, and resources. The change to use resources in particular means that filesystem functions are now methods of the descriptor resource. Since this means renaming everything, take this opportunity to introduce a new naming conventions, with _at being used for functions that take dirfd+path arguments. This also eliminates the rights concept what was present in earlier versions of WASI, has has discussed in WebAssembly#31. This required adding new flags to open_at, so while here, this also adds basic chmod-like support, as discussed in WebAssembly#33. And, this removes support for readdir seeking (seekdir/telldir), as discussed in WebAssembly#7. And it adds a fifo file type and a more general socket type, as discussed in WebAssembly#4.

This makes a number of changes, to make use of interface-types features such as expected, variant types, and resources. The change to use resources in particular means that filesystem functions are now methods of the descriptor resource. Since this means renaming everything, take this opportunity to introduce a new naming conventions, with _at being used for functions that take dirfd+path arguments. This also eliminates the rights concept what was present in earlier versions of WASI, has has discussed in #31. This required adding new flags to open_at, so while here, this also adds basic chmod-like support, as discussed in #33. And, this removes support for readdir seeking (seekdir/telldir), as discussed in #7. And it adds a fifo file type and a more general socket type, as discussed in #4.

sunfishcode transferred this issue from WebAssembly/WASI Jul 28, 2021

sunfishcode mentioned this issue Nov 22, 2021

Port the wasi-filesystem API to the new wai format. #35

Closed

sunfishcode mentioned this issue Nov 22, 2021

Port the wasi-filesystem API to the new wit format. #36

Merged

sunfishcode added the enhancement New feature or request label Jul 20, 2022

Puellaquae mentioned this issue Sep 27, 2022

LFX Workspace: Node API support for WasmEdge QuickJS WasmEdge/WasmEdge#1834

Closed

6 tasks

sunfishcode mentioned this issue Dec 22, 2022

Support for user-only permissions #75

Open

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

'chmod' equivalent in snapshot preview1? #33

'chmod' equivalent in snapshot preview1? #33

titzer commented Jul 28, 2021

sunfishcode commented Jul 28, 2021

titzer commented Jul 28, 2021

sunfishcode commented Jul 28, 2021

titzer commented Jul 28, 2021

'chmod' equivalent in snapshot preview1? #33

'chmod' equivalent in snapshot preview1? #33

Comments

titzer commented Jul 28, 2021

sunfishcode commented Jul 28, 2021

titzer commented Jul 28, 2021

sunfishcode commented Jul 28, 2021

titzer commented Jul 28, 2021