Check ownership during Cargo.toml discovery.

This adds a check for file ownership when locating Cargo.toml files.

Author: ehuss

src/cargo/core/workspace.rs

@@ -21,6 +21,7 @@ use crate::core::{EitherManifest, Package, SourceId, VirtualManifest};
 use crate::ops;
 use crate::sources::{PathSource, CRATES_IO_INDEX, CRATES_IO_REGISTRY};
 use crate::util::errors::{CargoResult, ManifestError};
+use crate::util::important_paths;
 use crate::util::interning::InternedString;
 use crate::util::lev_distance;
 use crate::util::toml::{read_manifest, InheritableFields, TomlDependency, TomlProfiles};
@@ -1707,7 +1708,9 @@ fn find_workspace_root_with_loader(
     config: &Config,
     mut loader: impl FnMut(&Path) -> CargoResult<Option<PathBuf>>,
 ) -> CargoResult<Option<PathBuf>> {
+    let safe_directories = config.safe_directories()?;
     for ances_manifest_path in find_root_iter(manifest_path, config) {
+        important_paths::check_safe_manifest_path(config, &safe_directories, &ances_manifest_path)?;
         debug!("find_root - trying {}", ances_manifest_path.display());
         if let Some(ws_root_path) = loader(&ances_manifest_path)? {
             return Ok(Some(ws_root_path));

src/cargo/ops/registry.rs

@@ -830,7 +830,7 @@ pub fn modify_owners(config: &Config, opts: &OwnersOptions) -> CargoResult<()> {
     let name = match opts.krate {
         Some(ref name) => name.clone(),
         None => {
-            let manifest_path = find_root_manifest_for_wd(config.cwd())?;
+            let manifest_path = find_root_manifest_for_wd(config)?;
             let ws = Workspace::new(&manifest_path, config)?;
             ws.current()?.package_id().name().to_string()
         }
@@ -905,7 +905,7 @@ pub fn yank(
     let name = match krate {
         Some(name) => name,
         None => {
-            let manifest_path = find_root_manifest_for_wd(config.cwd())?;
+            let manifest_path = find_root_manifest_for_wd(config)?;
             let ws = Workspace::new(&manifest_path, config)?;
             ws.current()?.package_id().name().to_string()
         }

src/cargo/util/command_prelude.rs

@@ -344,7 +344,7 @@ pub trait ArgMatchesExt {
             }
             return Ok(path);
         }
-        find_root_manifest_for_wd(config.cwd())
+        find_root_manifest_for_wd(config)
     }
 
     fn workspace<'a>(&self, config: &'a Config) -> CargoResult<Workspace<'a>> {

src/cargo/util/important_paths.rs

@@ -1,16 +1,21 @@
-use crate::util::errors::CargoResult;
+use crate::util::errors::{self, CargoResult};
+use crate::util::Config;
 use cargo_util::paths;
+use std::collections::HashSet;
 use std::path::{Path, PathBuf};
 
 /// Finds the root `Cargo.toml`.
-pub fn find_root_manifest_for_wd(cwd: &Path) -> CargoResult<PathBuf> {
+pub fn find_root_manifest_for_wd(config: &Config) -> CargoResult<PathBuf> {
     let valid_cargo_toml_file_name = "Cargo.toml";
     let invalid_cargo_toml_file_name = "cargo.toml";
     let mut invalid_cargo_toml_path_exists = false;
+    let safe_directories = config.safe_directories()?;
+    let cwd = config.cwd();
 
     for current in paths::ancestors(cwd, None) {
         let manifest = current.join(valid_cargo_toml_file_name);
         if manifest.exists() {
+            check_safe_manifest_path(config, &safe_directories, &manifest)?;
             return Ok(manifest);
         }
         if current.join(invalid_cargo_toml_file_name).exists() {
@@ -43,3 +48,23 @@ pub fn find_project_manifest_exact(pwd: &Path, file: &str) -> CargoResult<PathBu
         anyhow::bail!("Could not find `{}` in `{}`", file, pwd.display())
     }
 }
+
+/// Checks whether or not the given manifest path is owned by a different user.
+pub fn check_safe_manifest_path(
+    config: &Config,
+    safe_directories: &HashSet<PathBuf>,
+    path: &Path,
+) -> CargoResult<()> {
+    if !config.safe_directories_enabled() {
+        return Ok(());
+    }
+    paths::validate_ownership(path, safe_directories).map_err(|e| {
+        match e.downcast_ref::<paths::OwnershipError>() {
+            Some(e) => {
+                let to_add = e.path.parent().unwrap();
+                errors::ownership_error(e, "manifests", to_add, config)
+            }
+            None => e,
+        }
+    })
+}