From 4e8f7c453674c02f18479c72c87a74c4b8abfdfe Mon Sep 17 00:00:00 2001
From: Claude <noreply@anthropic.com>
Date: Sun, 19 Apr 2026 07:08:42 +0000
Subject: [PATCH] fix(tauri): reject "/" root path in workspace validation

trim_end_matches('/') collapses "/" to "", which then isn't matched by
the forbidden list, so a root-filesystem workspace slipped through. Keep
"/" as the canonical form when the stripped value is empty.
---
 apps/tauri/src-tauri/src/lib.rs | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/apps/tauri/src-tauri/src/lib.rs b/apps/tauri/src-tauri/src/lib.rs
index 8f512e9..968b37e 100644
--- a/apps/tauri/src-tauri/src/lib.rs
+++ b/apps/tauri/src-tauri/src/lib.rs
@@ -79,7 +79,10 @@ fn validate_workspace_path(path: &str) -> Result<(), String> {
     #[cfg(unix)]
     {
         let forbidden = ["/", "/etc", "/usr", "/bin", "/sbin", "/var", "/proc", "/sys", "/dev"];
+        // Strip trailing slashes, but keep "/" itself — trim_end_matches would
+        // collapse it to "" and slip past the forbidden check.
         let canonical = normalized.trim_end_matches('/');
+        let canonical = if canonical.is_empty() { "/" } else { canonical };
         if forbidden.contains(&canonical) {
             return Err(format!("Cannot use system directory as workspace: {}", path));
         }