Implement DangerDefaultAllowAll using DefaultAction(AllowAllSyscalls())

PiperOrigin-RevId: 513861597
Change-Id: I6e4038648a005bbe57ca33a4c0466f5af2184da8
This commit is contained in:
Wiktor Garbacz 2023-03-03 10:25:39 -08:00 committed by Copybara-Service
parent e09c2bc215
commit 550b26587f
2 changed files with 3 additions and 3 deletions

View File

@ -1113,8 +1113,7 @@ PolicyBuilder& PolicyBuilder::AddPolicyOnMmap(BpfFunc f) {
} }
PolicyBuilder& PolicyBuilder::DangerDefaultAllowAll() { PolicyBuilder& PolicyBuilder::DangerDefaultAllowAll() {
default_action_ = ALLOW; return DefaultAction(AllowAllSyscalls());
return *this;
} }
PolicyBuilder& PolicyBuilder::DefaultAction(AllowAllSyscalls) { PolicyBuilder& PolicyBuilder::DefaultAction(AllowAllSyscalls) {

View File

@ -672,9 +672,10 @@ class PolicyBuilder final {
// All syscalls not handled explicitly by the policy will thus be allowed. // All syscalls not handled explicitly by the policy will thus be allowed.
// Do not use in environment with untrusted code and/or data, ask // Do not use in environment with untrusted code and/or data, ask
// sandbox-team@ first if unsure. // sandbox-team@ first if unsure.
PolicyBuilder& DefaultAction(AllowAllSyscalls);
ABSL_DEPRECATED("Use DefaultAction(sandbox2::AllowAllSyscalls()) instead") ABSL_DEPRECATED("Use DefaultAction(sandbox2::AllowAllSyscalls()) instead")
PolicyBuilder& DangerDefaultAllowAll(); PolicyBuilder& DangerDefaultAllowAll();
PolicyBuilder& DefaultAction(AllowAllSyscalls);
// Allows syscalls that are necessary for the NetworkProxyClient // Allows syscalls that are necessary for the NetworkProxyClient
PolicyBuilder& AddNetworkProxyPolicy(); PolicyBuilder& AddNetworkProxyPolicy();