Generates sandboxes for C/C++ libraries automatically
Go to file
Christian Blichmann 9331eabd7e Copybara import of the project:
Including changes for GitHub -> internal migration

--
b5d7e43dde by Federico Stazi <34340238+FedericoStazi@users.noreply.github.com>:

Initial curl commit
--
24786c44d8 by Federico Stazi <fstazi@google.com>:

Added gitignore and curl submodule

--
6d5cfd575a by Federico Stazi <fstazi@google.com>:

Added new line at the end of files

--
c7423c5f8a by Federico Stazi <fstazi@google.com>:

Remove SHARED from add_sapi_library

--
05c0a4b004 by Federico Stazi <fstazi@google.com>:

Fix includes

--
5be51fabbe by Federico Stazi <fstazi@google.com>:

Improve comments

--
34338411b8 by Federico Stazi <fstazi@google.com>:

Improve style

--
8c68ac221f by Federico Stazi <fstazi@google.com>:

Address review comments

--
ac1112ae4d by Federico Stazi <fstazi@google.com>:

Minor fix

--
f47e1cc6ac by Federico Stazi <fstazi@google.com>:

Implement all curl methods

--
9291231275 by Federico Stazi <fstazi@google.com>:

Address reviews and improve code style

--
1b0a8edfd4 by Federico Stazi <fstazi@google.com>:

Minor fix

--
cea046d3e2 by Federico Stazi <fstazi@google.com>:

Implement stricter policy

--
cf23888b88 by Federico Stazi <fstazi@google.com>:

Improve and extend examples

--
6167cafbde by Federico Stazi <fstazi@google.com>:

Implement tests

--
9fed2ec097 by Federico Stazi <fstazi@google.com>:

Improved error handling

--
e446ec81a1 by Federico Stazi <fstazi@google.com>:

Address review comments

--
cf41ec4701 by Federico Stazi <34340238+FedericoStazi@users.noreply.github.com>:

Fix project name
--
9a4293a3cf by Federico Stazi <fstazi@google.com>:

Fix project name

--
bbebeee1a6 by Federico Stazi <fstazi@google.com>:

Fix test mock server

--
eb783de3f5 by Federico Stazi <fstazi@google.com>:

Address review comments

--
cf6cb89bca by Federico Stazi <fstazi@google.com>:

Minor mock server fix

--
b52d9e6e4f by Federico Stazi <fstazi@google.com>:

Address review comments

PiperOrigin-RevId: 333292204
Change-Id: I9ff27348028d9f22486492dc92c0859ff8f44d68
2020-09-23 08:00:10 -07:00
.bazelci Update BazelCI configuration to use Debian 10 2019-10-23 06:10:05 -07:00
cmake CMake build improvements 2020-09-23 06:43:01 -07:00
contrib Add directories/README for contributions 2020-07-29 11:32:41 +02:00
oss-internship-2020 Copybara import of the project: 2020-09-23 08:00:10 -07:00
sandboxed_api Use size_t/uintptr_t instead of uintptr_t or uint64_t where appropriate 2020-09-18 07:45:03 -07:00
.bazelrc Move .bazelrc to correct location next to WORKSPACE 2020-04-28 03:17:28 -07:00
.clang-format Update .clang-format to prefer & and * to be close to the type 2020-09-18 02:22:43 -07:00
.gitignore First MVP of a LibTooling based SAPI header generator 2020-05-15 15:35:42 +02:00
.gitmodules Copybara import of the project: 2020-09-23 08:00:10 -07:00
CMakeLists.txt CMake build improvements 2020-09-23 06:43:01 -07:00
CONTRIBUTING.md Sandboxed API OSS release. 2019-03-18 19:00:48 +01:00
LICENSE Sandboxed API OSS release. 2019-03-18 19:00:48 +01:00
README.md Update README, graphical assets 2020-03-19 09:27:42 -07:00
WORKSPACE Update dependencies to latest versions 2020-04-29 06:45:44 -07:00

Sandbox

Copyright 2019-2020 Google LLC.

Build status

What is Sandboxed API?

The Sandboxed API project (SAPI) aims to make sandboxing of C/C++ libraries less burdensome: after initial setup of security policies and generation of library interfaces, an almost-identical stub API is generated, transparently forwarding calls using a custom RPC layer to the real library running inside a sandboxed environment.

Additionally, each SAPI library utilizes a tightly defined security policy, in contrast to the typical sandboxed project, where security policies must cover the total syscall/resource footprint of all utilized libraries.

Documentation

Detailed developer documentation is available on the Google Developers site for Sandboxed API.

There is also a Getting Started guide.

Getting Involved

If you want to contribute, please read CONTRIBUTING.md and send us pull requests. You can also report bugs or file feature requests.

If you'd like to talk to the developers or get notified about major product updates, you may want to subscribe to our mailing list or sign up with this link.