- Only main.rs and session.rs have production unbounded channels; execution.rs, host_call.rs, snapshot.rs unbounded channels are all in test code
2804
2804
- crossbeam_channel::bounded API is drop-in replacement for unbounded — same Sender/Receiver types
2805
2805
---
2806
+
2807
+
## 2026-03-19 - US-072
2808
+
- What was implemented: Constant-time auth token comparison and race-free socket directory creation
2809
+
- Changes:
2810
+
1. Added `constant_time_eq()` function using XOR-accumulate for auth token comparison (prevents timing oracle)
2811
+
2. Replaced `fs::create_dir() + fs::set_permissions()` with `fs::DirBuilder::new().mode(0o700).create()` (eliminates TOCTOU race)
2812
+
3. Added tests: 3 for constant_time_eq (equal, different content, different length) and 1 for socket directory 0700 permissions
2813
+
- Files changed: crates/v8-runtime/src/main.rs
2814
+
- **Learnings for future iterations:**
2815
+
- `DirBuilderExt::mode()` (from `std::os::unix::fs`) sets permissions atomically via mkdir(2) — always prefer over create_dir + set_permissions
2816
+
- V8 isolate teardown SIGSEGV is pre-existing and test-order-dependent — the process crashes during exit cleanup when both execution and snapshot tests run in the same process, but all test assertions pass before the crash
2817
+
- `PermissionsExt` import moved to test module only since production code no longer needs it
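Review bot: the `constant_time_eq()` bullet records the XOR-accumulate approach but not how the length-mismatch case is handled or how the accumulator is kept from being optimized away; a plain `acc |= a ^ b` loop can be folded by the optimizer once it can prove the result only feeds a boolean, so the learnings should state whether the accumulator goes through `std::hint::black_box` (or whether `subtle::ConstantTimeEq` was considered) and that an early return on differing lengths leaks only the token length, which is acceptable when tokens are fixed-size. The `DirBuilderExt::mode()` learning should also note that the mode passed to mkdir(2) is still masked by the process umask (so 0o700 can only be narrowed, never widened) and that `create()` without recursive mode fails with AlreadyExists on a pre-existing directory rather than tightening its permissions, so that error path needs explicit handling.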