diff --git a/sandboxed_api/sandbox2/examples/static/static_bin.cc b/sandboxed_api/sandbox2/examples/static/static_bin.cc index 99a4b73..f328243 100644 --- a/sandboxed_api/sandbox2/examples/static/static_bin.cc +++ b/sandboxed_api/sandbox2/examples/static/static_bin.cc @@ -18,6 +18,7 @@ // It inverts all bytes coming from stdin and writes them to the stdout. #include +#include #include #include @@ -28,6 +29,8 @@ int main(int argc, char** argv) { char buf[1024]; size_t total_bytes = 0U; + prctl(PR_SET_NAME, "static_bin"); + fprintf(stderr, "=============================\n"); fprintf(stderr, "Starting file capitalization\n"); fprintf(stderr, "=============================\n"); diff --git a/sandboxed_api/sandbox2/examples/static/static_sandbox.cc b/sandboxed_api/sandbox2/examples/static/static_sandbox.cc index 8587575..55724d6 100644 --- a/sandboxed_api/sandbox2/examples/static/static_sandbox.cc +++ b/sandboxed_api/sandbox2/examples/static/static_sandbox.cc @@ -69,6 +69,10 @@ std::unique_ptr GetPolicy() { // write() calls with fd not in (1, 2) will continue evaluating the // policy. This means that other rules might still allow them. + // Allow the Sandboxee to set the name for better recognition in the + // process listing. + .AllowPrctlSetName() + // Allow the dynamic loader to mark pages to never allow read-write-exec. .AddPolicyOnSyscall(__NR_mprotect, {