Ask questionsEnable intercepting all filesystem access with WasiCtxBuilder

I'm interested in using wasmtime as a VM to run wasi scripts in a sandbox - and by being at the level normally reserved for the OS, being able to get precise information about which files/dirs the sandboxed application reads and writes. I'd also like to be able to dynamically fill in the filesystem tree exposed to the wasi program rather than having to have the tree pre-populated, as in my case the filesystem tree could be prohibitively large.

There are a couple things missing from the existing VirtualDirEntry:

  • Listing a directory dynamically - e.g. by changing the Directory enum from storing HashMap<String, VirtualDirEntry> to storing Box<dyn DirContents>, analogous to FileContents
  • Receiving callbacks for when new files are created in a given dir, presumably via the new trait DirContents

This design is of course pretty fuzzy at this point, and I've only done a cursory inspection of the interfaces involved. I'd be interested in working on this, if this seems to be in alignment with the project's goals. Feedback is most welcome!


Answer questions kamyuentse

I am interested in the new architecture of this crate, @joshuawarner32 describe a use case to access the host file system. And I think we need to consider how to interoperate with the remote filesystem or object storage service, hdfs, s3, etc on the cloud platform.


Related questions

No questions were found.
Github User Rank List