mirror of
https://github.com/google/sandboxed-api.git
synced 2024-03-22 13:11:30 +08:00
0940a9ee4a
PiperOrigin-RevId: 569433347 Change-Id: I49b031d46f426f23cbf4556f8e22a69d6adc2c74 |
||
---|---|---|
.. | ||
examples | ||
network_proxy | ||
testcases | ||
unwind | ||
util | ||
allow_all_syscalls.h | ||
allow_unrestricted_networking.h | ||
bpfdisassembler_test.cc | ||
bpfdisassembler.cc | ||
bpfdisassembler.h | ||
buffer_test.cc | ||
buffer.cc | ||
buffer.h | ||
BUILD.bazel | ||
client.cc | ||
client.h | ||
CMakeLists.txt | ||
comms_test.cc | ||
comms_test.proto | ||
comms.cc | ||
comms.h | ||
executor.cc | ||
executor.h | ||
fork_client.cc | ||
fork_client.h | ||
forkingclient.cc | ||
forkingclient.h | ||
forkserver_bin.cc | ||
forkserver_test.cc | ||
forkserver.cc | ||
forkserver.h | ||
forkserver.proto | ||
global_forkclient_lib_ctor.cc | ||
global_forkclient.cc | ||
global_forkclient.h | ||
ipc_test.cc | ||
ipc.cc | ||
ipc.h | ||
limits_test.cc | ||
limits.h | ||
logserver.cc | ||
logserver.h | ||
logserver.proto | ||
logsink.cc | ||
logsink.h | ||
monitor_base.cc | ||
monitor_base.h | ||
monitor_ptrace.cc | ||
monitor_ptrace.h | ||
monitor_unotify.cc | ||
monitor_unotify.h | ||
mount_tree.proto | ||
mounts_test.cc | ||
mounts.cc | ||
mounts.h | ||
namespace_test.cc | ||
namespace.cc | ||
namespace.h | ||
network_proxy_test.cc | ||
notify_test.cc | ||
notify.h | ||
policy_test.cc | ||
policy.cc | ||
policy.h | ||
policybuilder_test.cc | ||
policybuilder.cc | ||
policybuilder.h | ||
README.md | ||
regs_test.cc | ||
regs.cc | ||
regs.h | ||
result.cc | ||
result.h | ||
sandbox2_test.cc | ||
sandbox2.cc | ||
sandbox2.h | ||
sanitizer_test.cc | ||
sanitizer.cc | ||
sanitizer.h | ||
stack_trace_test.cc | ||
stack_trace.cc | ||
stack_trace.h | ||
syscall_defs.cc | ||
syscall_defs.h | ||
syscall_test.cc | ||
syscall.cc | ||
syscall.h | ||
testing.h | ||
util_test.cc | ||
util.cc | ||
util.h | ||
violation.proto |
Sandbox2
Sandbox2 is a C++ security sandbox for Linux which can be used to run untrusted programs or portions of programs in confined environments. The idea is that the runtime environment is so restricted that security bugs such as buffer overflows in the protected region cause no harm.
Documentation
Detailed developer documentation is available on the Google Developers site for Sandboxed API under Sandbox2.
There is also a Getting Started guide for Sandbox2.