inconsistent isolation protection: global Cargo config file interpreted as directory-local config on Windows

[rbtcollins]

A trivial bazel rules_rust setup, with a non-empty ~/.cargo/config.toml is handled differently on Windows and Linux.

On Windows we have the following structure:
~/.cargo/config.toml = C:/Users/<user>
~/src/bazelworkspace = C:/Users/<user>/src/bazelworkspace
TMP/TEMP = C:/Users//AppData/Local/Temp

On Linux the following structure:
~/.cargo/config.toml = /home/<user>
~/src/bazelworkspace = /home/<user>/src/bazelworkspace
TMP/TEMP = /tmp

This error

rules_rust/crate_universe/src/splicing/splicer.rs

Lines 393 to 395 in b96e37e

	"A Cargo config file was found in a parent directory to the current workspace. This is not allowed because these settings will leak into your Bazel build but will not be reproducible on other machines.\nWorkspace = {}\nCargo config = {}",
	workspace_dir.display(),
	config.display(),

is generated when running CARGO_BAZEL_REPIN=1 bazel sync --only=crate_index on Windows, but not on Linux.

But the setup, and the leaking of global configuration, is identical.

I'm not sure which way the project would like to take this - but right now on Linux isolation violation in this way is not detected, and doesn't generate errors... to me that its on rules_rust to ensure isolation rather than pushing it back onto the user. Perhaps using https://doc.rust-lang.org/cargo/reference/environment-variables.html#configuration-environment-variables to increase isolation.

As a user, I'd like to be able to work on Cargo only projects, and Bazel ones, without having to switch my global configuration on and off. I'd be ok with occasional mistakes that CI has to catch for me, as a tradeoff. That is, downgrading this to a warning would be ok for me.