- Only main.rs and session.rs have production unbounded channels; execution.rs, host_call.rs, snapshot.rs unbounded channels are all in test code
2798
2798
- crossbeam_channel::bounded API is drop-in replacement for unbounded — same Sender/Receiver types
2799
2799
---
2800
+
2801
+
## 2026-03-19 - US-072
2802
+
- What was implemented: Constant-time auth token comparison and race-free socket directory creation
2803
+
- Changes:
2804
+
1. Added `constant_time_eq()` function using XOR-accumulate for auth token comparison (prevents timing oracle)
2805
+
2. Replaced `fs::create_dir() + fs::set_permissions()` with `fs::DirBuilder::new().mode(0o700).create()` (eliminates TOCTOU race)
2806
+
3. Added tests: 3 for constant_time_eq (equal, different content, different length) and 1 for socket directory 0700 permissions
2807
+
- Files changed: crates/v8-runtime/src/main.rs
2808
+
- **Learnings for future iterations:**
2809
+
- `DirBuilderExt::mode()` (from `std::os::unix::fs`) sets permissions atomically via mkdir(2) — always prefer over create_dir + set_permissions
2810
+
- V8 isolate teardown SIGSEGV is pre-existing and test-order-dependent — the process crashes during exit cleanup when both execution and snapshot tests run in the same process, but all test assertions pass before the crash
2811
+
- `PermissionsExt` import moved to test module only since production code no longer needs it
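Review bot: item 1's `constant_time_eq()` entry should record how a length mismatch is handled, because an XOR-accumulate loop is only data-independent once the two slices are the same length; an early return on length leaks the token length (fine only if tokens are fixed-size), and a hand-rolled loop can still be reshaped by the optimizer unless the accumulator passes through `std::hint::black_box` or the comparison uses an established primitive such as `subtle::ConstantTimeEq`. Item 2's `DirBuilder::new().mode(0o700).create()` removes the create/chmod race, but `create()` fails with `AlreadyExists` for a pre-existing directory and never touches its mode, so the log should also note whether that path checks ownership and permissions (e.g. via `fs::symlink_metadata`) before the socket is bound, and the SIGSEGV learning under "Learnings" is worth an issue reference so the test-order dependency is not rediscovered.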