diff --git a/sandboxed_api/sandbox2/buffer_test.cc b/sandboxed_api/sandbox2/buffer_test.cc
index 32c5c02..425032d 100644
--- a/sandboxed_api/sandbox2/buffer_test.cc
+++ b/sandboxed_api/sandbox2/buffer_test.cc
@@ -63,6 +63,7 @@ TEST(BufferTest, TestImplementation) {
 std::unique_ptr BufferTestcasePolicy() {
 auto s2p = PolicyBuilder()
+ .DisableNamespaces()
 .AllowStaticStartup()
 .AllowExit()
 .AllowSafeFcntl()
diff --git a/sandboxed_api/sandbox2/examples/crc4/crc4sandbox.cc b/sandboxed_api/sandbox2/examples/crc4/crc4sandbox.cc
index 7c2176f..ec87d4b 100644
--- a/sandboxed_api/sandbox2/examples/crc4/crc4sandbox.cc
+++ b/sandboxed_api/sandbox2/examples/crc4/crc4sandbox.cc
@@ -49,6 +49,7 @@ namespace {
 std::unique_ptr GetPolicy() {
 return sandbox2::PolicyBuilder()
+ .DisableNamespaces()
 .AllowExit()
 .AddPolicyOnSyscalls(
 {__NR_read, __NR_write, __NR_close},
diff --git a/sandboxed_api/sandbox2/ipc_test.cc b/sandboxed_api/sandbox2/ipc_test.cc
index 97ce506..339dbdc 100644
--- a/sandboxed_api/sandbox2/ipc_test.cc
+++ b/sandboxed_api/sandbox2/ipc_test.cc
@@ -44,6 +44,7 @@ TEST(IPCTest, MapFDByNamePreExecve) {
 Comms comms(executor->ipc()->ReceiveFd(kPreferredIpcFd, "ipc_test"));
 SAPI_ASSERT_OK_AND_ASSIGN(auto policy, PolicyBuilder()
+ .DisableNamespaces()
 // Don't restrict the syscalls at all.
 .DangerDefaultAllowAll()
 .TryBuild());
@@ -74,6 +75,7 @@ TEST(IPCTest, MapFDByNamePostExecve) {
 Comms comms(executor->ipc()->ReceiveFd(kPreferredIpcFd, "ipc_test"));
 SAPI_ASSERT_OK_AND_ASSIGN(auto policy, PolicyBuilder()
+ .DisableNamespaces()
 // Don't restrict the syscalls at all.
 .DangerDefaultAllowAll()
 .TryBuild());
@@ -100,6 +102,7 @@ TEST(IPCTest, NoMappedFDsPreExecve) {
 auto executor = absl::make_unique(path, args);
 SAPI_ASSERT_OK_AND_ASSIGN(auto policy, PolicyBuilder()
+ .DisableNamespaces()
 // Don't restrict the syscalls at all.
 .DangerDefaultAllowAll()
 .TryBuild());
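Review bot: The `.DisableNamespaces()` added to BufferTestcasePolicy carries no explanation of why this test policy opts out of namespace isolation, and the same bare call is added to NotifyTestcasePolicy in notify_test.cc and PolicyTestcasePolicy in policy_test.cc. Presumably the builder's default changed and these helpers need the pre-change behaviour, but a reader of the test file cannot tell whether namespaces are off because the test would break with them or merely to keep setup minimal. A one-line comment at the first call site, for example `// Namespace isolation is not under test here; run the sandboxee without it.` (adjusted to the actual reason), would record the intent for all three helpers. BufferTestcasePolicy's body continues past the end of the hunk.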
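Review bot: GetPolicy() in the crc4 example now calls `.DisableNamespaces()`, which switches off the namespace-based isolation layer for a program that lives under examples/ and is what users copy as a starting point, so the weaker configuration is what they will replicate. If the example genuinely cannot run namespaced, the reason belongs on that line, e.g. `// Namespaces are disabled here because <reason>; production policies should keep them.`; otherwise the call should be dropped so the example keeps the stronger default. The rest of the policy chain, and whether it later re-enables anything, is outside the hunk.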
diff --git a/sandboxed_api/sandbox2/limits_test.cc b/sandboxed_api/sandbox2/limits_test.cc
index 9b27b9c..ce04358 100644
--- a/sandboxed_api/sandbox2/limits_test.cc
+++ b/sandboxed_api/sandbox2/limits_test.cc
@@ -42,6 +42,7 @@ TEST(LimitsTest, RLimitASMmapUnderLimit) {
 executor->limits()->set_rlimit_as(100ULL << 20); // 100 MiB
 SAPI_ASSERT_OK_AND_ASSIGN(auto policy, sandbox2::PolicyBuilder()
+ .DisableNamespaces()
 // Don't restrict the syscalls at all.
 .DangerDefaultAllowAll()
 .TryBuild());
@@ -59,6 +60,7 @@ TEST(LimitsTest, RLimitASMmapAboveLimit) {
 executor->limits()->set_rlimit_as(100ULL << 20); // 100 MiB
 SAPI_ASSERT_OK_AND_ASSIGN(auto policy, sandbox2::PolicyBuilder()
+ .DisableNamespaces()
 // Don't restrict the syscalls at all.
 .DangerDefaultAllowAll()
 .TryBuild());
@@ -76,6 +78,7 @@ TEST(LimitsTest, RLimitASAllocaSmallUnderLimit) {
 executor->limits()->set_rlimit_as(100ULL << 20); // 100 MiB
 SAPI_ASSERT_OK_AND_ASSIGN(auto policy, sandbox2::PolicyBuilder()
+ .DisableNamespaces()
 // Don't restrict the syscalls at all.
 .DangerDefaultAllowAll()
 .TryBuild());
@@ -93,6 +96,7 @@ TEST(LimitsTest, RLimitASAllocaBigUnderLimit) {
 executor->limits()->set_rlimit_as(100ULL << 20); // 100 MiB
 SAPI_ASSERT_OK_AND_ASSIGN(auto policy, sandbox2::PolicyBuilder()
+ .DisableNamespaces()
 // Don't restrict the syscalls at all.
 .DangerDefaultAllowAll()
 .TryBuild());
@@ -110,6 +114,7 @@ TEST(LimitsTest, RLimitASAllocaBigAboveLimit) {
 executor->limits()->set_rlimit_as(100ULL << 20); // 100 MiB
 SAPI_ASSERT_OK_AND_ASSIGN(auto policy, sandbox2::PolicyBuilder()
+ .DisableNamespaces()
 // Don't restrict the syscalls at all.
 .DangerDefaultAllowAll()
 .TryBuild());
diff --git a/sandboxed_api/sandbox2/namespace_test.cc b/sandboxed_api/sandbox2/namespace_test.cc
index 702570a..06c28cf 100644
--- a/sandboxed_api/sandbox2/namespace_test.cc
+++ b/sandboxed_api/sandbox2/namespace_test.cc
@@ -83,6 +83,7 @@ TEST(NamespaceTest, UserNamespaceWorks) {
 {
 auto executor = absl::make_unique(path, args);
 SAPI_ASSERT_OK_AND_ASSIGN(auto policy, PolicyBuilder()
+ .DisableNamespaces()
 // Don't restrict the syscalls at all
 .DangerDefaultAllowAll()
 .TryBuild());
@@ -103,6 +104,7 @@ TEST(NamespaceTest, UserNamespaceIDMapWritten) {
 std::vector args = {path, "3", "1000", "1000"};
 auto executor = absl::make_unique(path, args);
 SAPI_ASSERT_OK_AND_ASSIGN(auto policy, PolicyBuilder()
+ .EnableNamespaces()
 // Don't restrict the syscalls at all
 .DangerDefaultAllowAll()
 .EnableNamespaces()
@@ -122,6 +124,7 @@ TEST(NamespaceTest, UserNamespaceIDMapWritten) {
 std::vector args = {path, "3", uid, gid};
 auto executor = absl::make_unique(path, args);
 SAPI_ASSERT_OK_AND_ASSIGN(auto policy, PolicyBuilder()
+ .DisableNamespaces()
 // Don't restrict the syscalls at all
 .DangerDefaultAllowAll()
 .TryBuild());
@@ -151,6 +154,7 @@ class HostnameTest : public testing::Test {
 TEST_F(HostnameTest, None) {
 SAPI_ASSERT_OK_AND_ASSIGN(auto policy, PolicyBuilder()
+ .DisableNamespaces()
 // Don't restrict the syscalls at all
 .DangerDefaultAllowAll()
 .TryBuild());
diff --git a/sandboxed_api/sandbox2/notify_test.cc b/sandboxed_api/sandbox2/notify_test.cc
index fb285fb..557f7f1 100644
--- a/sandboxed_api/sandbox2/notify_test.cc
+++ b/sandboxed_api/sandbox2/notify_test.cc
@@ -42,6 +42,7 @@ namespace {
 // chosen because unlikely to be called by a regular program.
 std::unique_ptr NotifyTestcasePolicy() {
 return PolicyBuilder()
+ .DisableNamespaces()
 .AllowStaticStartup()
 .AllowExit()
 .AllowRead()
diff --git a/sandboxed_api/sandbox2/policy_test.cc b/sandboxed_api/sandbox2/policy_test.cc
index b27be97..6f6758a 100644
--- a/sandboxed_api/sandbox2/policy_test.cc
+++ b/sandboxed_api/sandbox2/policy_test.cc
@@ -41,6 +41,7 @@ namespace {
 std::unique_ptr PolicyTestcasePolicy() {
 return PolicyBuilder()
+ .DisableNamespaces()
 .AllowStaticStartup()
 .AllowExit()
 .AllowRead()
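Review bot: In UserNamespaceIDMapWritten (hunk at old line 103) the new `.EnableNamespaces()` is redundant: the unchanged context three lines below already calls `.EnableNamespaces()` on the same builder chain, so the policy now selects namespaces twice. Keep a single call — drop the added line, or remove the original one after `.DangerDefaultAllowAll()` — so the chain matches the other tests in this file, which place exactly one namespace selector directly after `PolicyBuilder()`. Whether a repeated call is harmless or trips a check in PolicyBuilder cannot be seen from this diff, which is a further reason not to leave it in.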
diff --git a/sandboxed_api/sandbox2/policybuilder_test.cc b/sandboxed_api/sandbox2/policybuilder_test.cc
index 1318b7c..68af600 100644
--- a/sandboxed_api/sandbox2/policybuilder_test.cc
+++ b/sandboxed_api/sandbox2/policybuilder_test.cc
@@ -194,6 +194,7 @@ std::string PolicyBuilderTest::Run(std::vector args,
 TEST_F(PolicyBuilderTest, TestCanOnlyBuildOnce) {
 PolicyBuilder b;
+ b.EnableNamespaces();
 ASSERT_THAT(b.BuildOrDie(), NotNull());
 ASSERT_DEATH(b.BuildOrDie(), "Can only build policy once");
 }
diff --git a/sandboxed_api/sandbox2/sandbox2_test.cc b/sandboxed_api/sandbox2/sandbox2_test.cc
index 6d29e8f..1a3f290 100644
--- a/sandboxed_api/sandbox2/sandbox2_test.cc
+++ b/sandboxed_api/sandbox2/sandbox2_test.cc
@@ -54,6 +54,7 @@ TEST(SandboxCoreDumpTest, AbortWithoutCoreDumpReturnsSignaled) {
 auto executor = absl::make_unique(path, args);
 SAPI_ASSERT_OK_AND_ASSIGN(auto policy, PolicyBuilder()
+ .DisableNamespaces()
 // Don't restrict the syscalls at all.
 .DangerDefaultAllowAll()
 .TryBuild());
@@ -75,6 +76,7 @@ TEST(TsyncTest, TsyncNoMemoryChecks) {
 executor->set_enable_sandbox_before_exec(false);
 SAPI_ASSERT_OK_AND_ASSIGN(auto policy, PolicyBuilder()
+ .DisableNamespaces()
 // Don't restrict the syscalls at all.
 .DangerDefaultAllowAll()
 .TryBuild());
@@ -101,6 +103,7 @@ TEST(ExecutorTest, ExecutorFdConstructor) {
 auto executor = absl::make_unique(fd, args, envs);
 SAPI_ASSERT_OK_AND_ASSIGN(auto policy, PolicyBuilder()
+ .DisableNamespaces()
 // Don't restrict the syscalls at all.
 .DangerDefaultAllowAll()
 .TryBuild());
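Review bot: `b.EnableNamespaces();` is inserted into TestCanOnlyBuildOnce without a comment, leaving the reader to infer that `BuildOrDie()` now requires an explicit namespace choice and would otherwise die before the "Can only build policy once" check that this test is about. Since the test pins an exact death message, that precondition is worth stating, e.g. `// Building requires an explicit namespace choice; make one so the second build dies only on the re-build check.` The builder-side requirement is not visible in this diff and should be confirmed against PolicyBuilder before the comment is committed.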
@@ -205,8 +208,9 @@ TEST(StarvationTest, MonitorIsNotStarvedByTheSandboxee) {
 std::vector envs;
 auto executor = absl::make_unique(path, args, envs);
- SAPI_ASSERT_OK_AND_ASSIGN(auto policy,
- PolicyBuilder().DangerDefaultAllowAll().TryBuild());
+ SAPI_ASSERT_OK_AND_ASSIGN(
+ auto policy,
+ PolicyBuilder().DisableNamespaces().DangerDefaultAllowAll().TryBuild());
 executor->limits()->set_walltime_limit(absl::Seconds(5));
 Sandbox2 sandbox(std::move(executor), std::move(policy));
 auto start = absl::Now();
diff --git a/sandboxed_api/sandbox2/sanitizer_test.cc b/sandboxed_api/sandbox2/sanitizer_test.cc
index 64f121e..4ba7fd8 100644
--- a/sandboxed_api/sandbox2/sanitizer_test.cc
+++ b/sandboxed_api/sandbox2/sanitizer_test.cc
@@ -130,6 +130,7 @@ TEST(SanitizerTest, TestSandboxedBinary) {
 auto executor = absl::make_unique(path, args);
 SAPI_ASSERT_OK_AND_ASSIGN(auto policy, PolicyBuilder()
+ .DisableNamespaces()
 // Don't restrict the syscalls at all.
 .DangerDefaultAllowAll()
 .TryBuild());
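Review bot: The rewritten policy in MonitorIsNotStarvedByTheSandboxee packs `PolicyBuilder().DisableNamespaces().DangerDefaultAllowAll().TryBuild()` onto one line, while the three other hunks in sandbox2_test.cc build the identical policy as a one-call-per-line chain with the `// Don't restrict the syscalls at all.` comment above `.DangerDefaultAllowAll()`. Using the same layout here would make the file's four identical policies grep- and diff-alike and would carry the explanatory comment into this test as well. The surrounding test body continues outside the hunk.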