mirror of
https://github.com/google/sandboxed-api.git
synced 2024-03-22 13:11:30 +08:00
added a sandbox file and extracted the functions that will be sandboxed
This commit is contained in:
parent
de27b90ae4
commit
56481b1c9f
|
@ -27,23 +27,50 @@ add_subdirectory("${SAPI_ROOT}"
|
||||||
EXCLUDE_FROM_ALL
|
EXCLUDE_FROM_ALL
|
||||||
)
|
)
|
||||||
|
|
||||||
|
file(STRINGS functions_to_sandbox.txt FUNCTIONS_LIST)
|
||||||
|
|
||||||
add_sapi_library(
|
add_sapi_library(
|
||||||
libarchive_sapi
|
libarchive_sapi
|
||||||
|
|
||||||
|
#FUNCTIONS ${FUNCTIONS_LIST}
|
||||||
|
#FUNCTIONS archive_read_new
|
||||||
FUNCTIONS
|
FUNCTIONS
|
||||||
archive_read_new
|
archive_entry_free
|
||||||
archive_write_disk_new
|
archive_entry_new
|
||||||
archive_write_disk_set_options
|
archive_entry_pathname
|
||||||
archive_read_support_filter_bzip2
|
archive_entry_sourcepath
|
||||||
archive_read_support_filter_gzip
|
archive_error_string
|
||||||
archive_read_support_filter_compress
|
archive_read_close
|
||||||
archive_read_support_format_tar
|
archive_read_data_block
|
||||||
archive_read_support_format_cpio
|
archive_read_disk_descend
|
||||||
archive_write_disk_set_standard_lookup
|
archive_read_disk_new
|
||||||
archive_read_open_filename
|
archive_read_disk_open
|
||||||
archive_error_string
|
archive_read_disk_set_standard_lookup
|
||||||
archive_read_next_header
|
archive_read_free
|
||||||
archive_entry_pathname
|
archive_read_new
|
||||||
|
archive_read_next_header
|
||||||
|
archive_read_next_header2
|
||||||
|
archive_read_open_filename
|
||||||
|
archive_read_support_filter_bzip2
|
||||||
|
archive_read_support_filter_compress
|
||||||
|
archive_read_support_filter_gzip
|
||||||
|
archive_read_support_format_cpio
|
||||||
|
archive_read_support_format_tar
|
||||||
|
archive_write_add_filter_bzip2
|
||||||
|
archive_write_add_filter_compress
|
||||||
|
archive_write_add_filter_gzip
|
||||||
|
archive_write_add_filter_none
|
||||||
|
archive_write_close
|
||||||
|
archive_write_data
|
||||||
|
archive_write_data_block
|
||||||
|
archive_write_disk_new
|
||||||
|
archive_write_disk_set_options
|
||||||
|
archive_write_disk_set_standard_lookup
|
||||||
|
archive_write_free
|
||||||
|
archive_write_header
|
||||||
|
archive_write_new
|
||||||
|
archive_write_open_filename
|
||||||
|
archive_write_set_format_ustar
|
||||||
|
|
||||||
INPUTS libarchive/libarchive/archive.h
|
INPUTS libarchive/libarchive/archive.h
|
||||||
LIBRARY archive
|
LIBRARY archive
|
||||||
|
|
32
oss-internship-2020/sapi_libarchive/examples/sandbox.h
Normal file
32
oss-internship-2020/sapi_libarchive/examples/sandbox.h
Normal file
|
@ -0,0 +1,32 @@
|
||||||
|
#ifndef SAPI_LIBARCHIVE_SANDBOX_H
|
||||||
|
#define SAPI_LIBARCHIVE_SANDBOX_H
|
||||||
|
|
||||||
|
#include <syscall.h>
|
||||||
|
#include "libarchive_sapi.sapi.h"
|
||||||
|
|
||||||
|
class SapiLibarchiveSandboxCreate : public LibarchiveSandbox {
|
||||||
|
public:
|
||||||
|
// TODO
|
||||||
|
explicit SapiLibarchiveSandboxCreate() {}
|
||||||
|
private:
|
||||||
|
std::unique_ptr<sandbox2::Policy> ModifyPolicy(
|
||||||
|
sandbox2::PolicyBuilder*) override {
|
||||||
|
return sandbox2::PolicyBuilder()
|
||||||
|
.BuildOrDie();
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
class SapiLibarchiveSandboxExtract : public LibarchiveSandbox {
|
||||||
|
public:
|
||||||
|
// TODO
|
||||||
|
explicit SapiLibarchiveSandboxExtract() {}
|
||||||
|
private:
|
||||||
|
virtual void ModifyExecutor(sandbox2::Executor* executor) override {
|
||||||
|
// TODO create /output/ + chdir here if do_execute
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
#endif // SAPI_LIBARCHIVE_SANDBOX_H
|
36
oss-internship-2020/sapi_libarchive/functions_to_sandbox.txt
Normal file
36
oss-internship-2020/sapi_libarchive/functions_to_sandbox.txt
Normal file
|
@ -0,0 +1,36 @@
|
||||||
|
archive_entry_free
|
||||||
|
archive_entry_new
|
||||||
|
archive_entry_pathname
|
||||||
|
archive_entry_sourcepath
|
||||||
|
archive_error_string
|
||||||
|
archive_read_close
|
||||||
|
archive_read_data_block
|
||||||
|
archive_read_disk_descend
|
||||||
|
archive_read_disk_new
|
||||||
|
archive_read_disk_open
|
||||||
|
archive_read_disk_set_standard_lookup
|
||||||
|
archive_read_free
|
||||||
|
archive_read_new
|
||||||
|
archive_read_next_header
|
||||||
|
archive_read_next_header2
|
||||||
|
archive_read_open_filename
|
||||||
|
archive_read_support_filter_bzip2
|
||||||
|
archive_read_support_filter_compress
|
||||||
|
archive_read_support_filter_gzip
|
||||||
|
archive_read_support_format_cpio
|
||||||
|
archive_read_support_format_tar
|
||||||
|
archive_write_add_filter_bzip2
|
||||||
|
archive_write_add_filter_compress
|
||||||
|
archive_write_add_filter_gzip
|
||||||
|
archive_write_add_filter_none
|
||||||
|
archive_write_close
|
||||||
|
archive_write_data
|
||||||
|
archive_write_data_block
|
||||||
|
archive_write_disk_new
|
||||||
|
archive_write_disk_set_options
|
||||||
|
archive_write_disk_set_standard_lookup
|
||||||
|
archive_write_free
|
||||||
|
archive_write_header
|
||||||
|
archive_write_new
|
||||||
|
archive_write_open_filename
|
||||||
|
archive_write_set_format_ustar
|
Loading…
Reference in New Issue
Block a user