sandboxed-api/sandboxed_api/sandbox2
Wiktor Garbacz 0940a9ee4a Export config.h from syscall.h for sapi::cpu::Architecture
PiperOrigin-RevId: 569433347
Change-Id: I49b031d46f426f23cbf4556f8e22a69d6adc2c74
2023-09-29 02:32:49 -07:00
..
examples Ensure that TCMalloc can execute NumCPUs. 2023-09-15 08:21:13 -07:00
network_proxy Use empty instead of length 2023-09-18 00:46:50 -07:00
testcases Ensure that TCMalloc can execute NumCPUs. 2023-09-15 08:21:13 -07:00
unwind
util Increase limits in ElfParser 2023-08-31 05:01:51 -07:00
allow_all_syscalls.h
allow_unrestricted_networking.h
bpfdisassembler_test.cc
bpfdisassembler.cc
bpfdisassembler.h
buffer_test.cc
buffer.cc
buffer.h
BUILD.bazel Do 1 level of recursion on libunwind crashes 2023-09-19 06:50:05 -07:00
client.cc
client.h
CMakeLists.txt Do 1 level of recursion on libunwind crashes 2023-09-19 06:50:05 -07:00
comms_test.cc Remove deprecated comms functions 2023-09-26 05:45:27 -07:00
comms_test.proto
comms.cc Remove deprecated comms functions 2023-09-26 05:45:27 -07:00
comms.h Remove deprecated comms functions 2023-09-26 05:45:27 -07:00
executor.cc
executor.h Do 1 level of recursion on libunwind crashes 2023-09-19 06:50:05 -07:00
fork_client.cc
fork_client.h
forkingclient.cc
forkingclient.h
forkserver_bin.cc Gather more coverage data 2023-09-07 02:43:04 -07:00
forkserver_test.cc
forkserver.cc Gather more coverage data 2023-09-07 02:43:04 -07:00
forkserver.h
forkserver.proto
global_forkclient_lib_ctor.cc
global_forkclient.cc Add missing return 2023-09-24 23:47:01 -07:00
global_forkclient.h
ipc_test.cc Run more tests with sanitizers and coverage 2023-09-05 07:14:49 -07:00
ipc.cc
ipc.h
limits_test.cc Skip sanitizers for limits_test 2023-09-15 04:57:24 -07:00
limits.h
logserver.cc
logserver.h Use Abseil's log/flags instead of glog/gflags 2022-10-20 06:48:51 -07:00
logserver.proto Migration of remaining protobufs from proto2 to proto3 2022-03-16 00:43:46 -07:00
logsink.cc
logsink.h
monitor_base.cc Do 1 level of recursion on libunwind crashes 2023-09-19 06:50:05 -07:00
monitor_base.h
monitor_ptrace.cc PtraceMonitor: Add a hard deadline for waiting for kill to take effect 2023-09-06 04:38:51 -07:00
monitor_ptrace.h PtraceMonitor: Add a hard deadline for waiting for kill to take effect 2023-09-06 04:38:51 -07:00
monitor_unotify.cc
monitor_unotify.h
mount_tree.proto
mounts_test.cc Bulk IWYU and build_cleaner fixes 2023-08-24 06:23:36 -07:00
mounts.cc
mounts.h
namespace_test.cc namespace_test: use lstat instead of stat, don't descent into procfs & sysfs 2023-09-14 02:09:12 -07:00
namespace.cc
namespace.h
network_proxy_test.cc NetworkProxyTest: test more error conditions 2023-09-05 02:17:25 -07:00
notify_test.cc
notify.h
policy_test.cc Ensure that TCMalloc can execute NumCPUs. 2023-09-15 08:21:13 -07:00
policy.cc Disallow clone3, unsafe clone and unshare flags 2023-09-12 06:30:45 -07:00
policy.h
policybuilder_test.cc PolicyBuilder: test error conditions for AddPolicyOnSyscalls 2023-09-05 07:13:56 -07:00
policybuilder.cc Ensure that TCMalloc can execute NumCPUs. 2023-09-15 08:21:13 -07:00
policybuilder.h
README.md
regs_test.cc
regs.cc Bulk IWYU and build_cleaner fixes 2023-08-24 06:23:36 -07:00
regs.h
result.cc
result.h Final round of IWYU fixes for Sandbox2 2023-08-25 06:50:29 -07:00
sandbox2_test.cc Bulk IWYU and build_cleaner fixes 2023-08-24 06:23:36 -07:00
sandbox2.cc
sandbox2.h
sanitizer_test.cc
sanitizer.cc Bulk IWYU and build_cleaner fixes 2023-08-24 06:23:36 -07:00
sanitizer.h
stack_trace_test.cc Do 1 level of recursion on libunwind crashes 2023-09-19 06:50:05 -07:00
stack_trace.cc Do 1 level of recursion on libunwind crashes 2023-09-19 06:50:05 -07:00
stack_trace.h Do 1 level of recursion on libunwind crashes 2023-09-19 06:50:05 -07:00
syscall_defs.cc Add missing Aarch64 syscall entries 2023-09-05 02:03:36 -07:00
syscall_defs.h
syscall_test.cc
syscall.cc
syscall.h Export config.h from syscall.h for sapi::cpu::Architecture 2023-09-29 02:32:49 -07:00
testing.h Add IWYU pragma 2023-08-23 07:14:21 -07:00
util_test.cc Bulk IWYU and build_cleaner fixes 2023-08-24 06:23:36 -07:00
util.cc Remove deprecated VecStringToCharPtrArr 2023-09-07 03:09:30 -07:00
util.h Remove deprecated VecStringToCharPtrArr 2023-09-07 03:09:30 -07:00
violation.proto

Sandbox2

Sandbox2 is a C++ security sandbox for Linux which can be used to run untrusted programs or portions of programs in confined environments. The idea is that the runtime environment is so restricted that security bugs such as buffer overflows in the protected region cause no harm.

Documentation

Detailed developer documentation is available on the Google Developers site for Sandboxed API under Sandbox2.

There is also a Getting Started guide for Sandbox2.