From 1cce3060227f7bc53a8d5ad938f092362cf78855 Mon Sep 17 00:00:00 2001
From: Nayeem Rahman <nayeemrmn99@gmail.com>
Date: Wed, 30 Aug 2023 18:52:01 +0100
Subject: fix(runtime/permissions): Resolve executable specifiers in allowlists
 and queries (#14130)

Closes #14122.

Adds two extensions to `--allow-run` behaviour:
- When `--allow-run=foo` is specified and `foo` is found in the `PATH`
at startup, `RunDescriptor::Path(which("foo"))` is added to the
allowlist alongside `RunDescriptor::Name("foo")`. Currently only the
latter is.
- When run permission for `foo` is queried and `foo` is found in the
`PATH` at runtime, either `RunDescriptor::Path(which("foo"))` or
`RunDescriptor::Name("foo")` would qualify in the allowlist. Currently
only the latter does.
---
 runtime/Cargo.toml | 1 +
 1 file changed, 1 insertion(+)

(limited to 'runtime/Cargo.toml')

diff --git a/runtime/Cargo.toml b/runtime/Cargo.toml
index d4401effd..5ab50714d 100644
--- a/runtime/Cargo.toml
+++ b/runtime/Cargo.toml
@@ -109,6 +109,7 @@ termcolor = "1.1.3"
 tokio.workspace = true
 tokio-metrics.workspace = true
 uuid.workspace = true
+which = "4.2.5"
 
 [target.'cfg(windows)'.dependencies]
 fwdansi.workspace = true
-- 
cgit v1.2.3