StarMirror/sandboxed-api
1
0
Fork 0
mirror of https://github.com/google/sandboxed-api.git synced 2024-03-22 13:11:30 +08:00
Code Issues Projects Releases Wiki Activity
203 Commits 1 Branch 3 Tags 144 MiB
441201884a
Commit Graph

11 Commits

Author SHA1 Message Date
Christian Blichmann
441201884a Update license header with recommended best practices 
PiperOrigin-RevId: 290250533
Change-Id: Ic34b253446463cf971a055b70a242df93a598ee3
 2020-01-17 05:05:29 -08:00
Wiktor Garbacz
1673ade4e4 Remount chroot as read-only 
PiperOrigin-RevId: 280394655
Change-Id: I1490b7dfbbca3d91f5efb4dd5800397c9da57da8
 2019-11-14 03:51:26 -08:00
Kristj?n J?nsson
78824353d1 Make PolicyBuilder a value class. 
This makes the class more ergonomic because
* You don't have to heap allocate the builder.
* You can create a policy builder "template" and re-use it across sandboxes to avoid repetitive work.

PiperOrigin-RevId: 273555679
Change-Id: I4084ee9c74f95ebfde873eb0dc021b3b3cdc5ea2
 2019-10-08 10:45:45 -07:00
Wiktor Garbacz
2e22b13b39 Enable namespaces by default 
PiperOrigin-RevId: 268417712
Change-Id: I496d76e8a90665627b9be2bb5f9872a5df1c84e4
 2019-09-11 02:39:49 -07:00
Christian Blichmann
276b7efc92 Internal change. 
PiperOrigin-RevId: 265057217
Change-Id: Id00c867b373dbe8c9112c23ef4b0300ed3ca9e5b
 2019-08-23 08:08:51 -07:00
bielec
ef7592cfdd Now the network proxy client can automatically redirect connect syscalls to a handler that will send the data (syscall arguments) to the proxy server automatically and will return the obtained socket from the proxy server, in the future rules like allowed IP, protocols, etc. will be added 
PiperOrigin-RevId: 259512665
Change-Id: I2747c7548ab24c7d2c90abb303fd783c11fed6f4
 2019-07-23 04:41:08 -07:00
Christian Blichmann
747ccb57e8 Rename stack-trace{.h,.cc,._test.cc} to use underscores 
PiperOrigin-RevId: 257144753
Change-Id: I4ce0dffad552c25b61102adfb1c03b8aea427dd9
 2019-07-09 01:32:25 -07:00
Sandboxed API Team
970257d87b Allow two madvise calls for asan & tsan builds. 
bbfa21f177/lib/sanitizer_common/sanitizer_posix_libcdep.cc (L71)

PiperOrigin-RevId: 252048323
Change-Id: I457e708f0b024fd9db4ad39265cb904777ca52b5
 2019-06-07 07:53:10 -07:00
Wiktor Garbacz
85059ef40d Add DisableNamespaces to PolicyBuilder 
Currently mostly no-op, but this is the first step to turn namespaces on
by default.

PiperOrigin-RevId: 249439158
Change-Id: I5eeb1216dc868c660f62ad50c34f626afbf7db61
 2019-05-22 06:54:12 -07:00
Christian Blichmann
f04be9276f Formatting fixes and include file hygiene. 
PiperOrigin-RevId: 240346890
Change-Id: I1a9617f10a62a848b6314a6196512e016ae02643
 2019-03-26 07:54:21 -07:00
Christian Blichmann
177b969e8c
Sandboxed API OSS release. 
PiperOrigin-RevId: 238996664
Change-Id: I9646527e2be68ee0b6b371572b7aafe967102e57

Signed-off-by: Christian Blichmann <cblichmann@google.com>
 2019-03-18 19:00:48 +01:00