StarMirror/sandboxed-api
1
0
Fork 0
mirror of https://github.com/google/sandboxed-api.git synced 2024-03-22 13:11:30 +08:00
Code Issues Projects Releases Wiki Activity
sandboxed-api/sandboxed_api/sandbox2
History
Wiktor Garbacz 9a985f91a7 Replace use of deprecated sandbox2::Comms functions 
PiperOrigin-RevId: 566863078
Change-Id: Ida96eb8046ff96bdd41cec4a1427073ae43930d9
2023-09-19 23:55:05 -07:00
..
examples
Ensure that TCMalloc can execute NumCPUs.
2023-09-15 08:21:13 -07:00
network_proxy
Use empty instead of length
2023-09-18 00:46:50 -07:00
testcases
Ensure that TCMalloc can execute NumCPUs.
2023-09-15 08:21:13 -07:00
unwind
Bulk IWYU and build_cleaner fixes
2023-08-24 06:23:36 -07:00
util
Increase limits in ElfParser
2023-08-31 05:01:51 -07:00
allow_all_syscalls.h
Fix typo
2023-05-04 00:46:53 -07:00
allow_unrestricted_networking.h
Sandbox2: Remove commented out include
2023-06-23 00:46:59 -07:00
bpfdisassembler_test.cc
Bulk IWYU and build_cleaner fixes
2023-08-24 06:23:36 -07:00
bpfdisassembler.cc
Bulk IWYU and build_cleaner fixes
2023-08-24 06:23:36 -07:00
bpfdisassembler.h
Final round of IWYU fixes for Sandbox2
2023-08-25 06:50:29 -07:00
buffer_test.cc
Bulk IWYU and build_cleaner fixes
2023-08-24 06:23:36 -07:00
buffer.cc
Bulk IWYU and build_cleaner fixes
2023-08-24 06:23:36 -07:00
buffer.h
BUILD.bazel
Do 1 level of recursion on libunwind crashes
2023-09-19 06:50:05 -07:00
client.cc
Bulk IWYU and build_cleaner fixes
2023-08-24 06:23:36 -07:00
client.h
IWYU fixes
2023-08-23 09:04:00 -07:00
CMakeLists.txt
Do 1 level of recursion on libunwind crashes
2023-09-19 06:50:05 -07:00
comms_test.cc
Replace use of deprecated sandbox2::Comms functions
2023-09-19 23:55:05 -07:00
comms_test.proto
comms.cc
Refactor Comms to split out listening/connecting part
2023-09-19 05:14:09 -07:00
comms.h
Refactor Comms to split out listening/connecting part
2023-09-19 05:14:09 -07:00
executor.cc
Bulk IWYU and build_cleaner fixes
2023-08-24 06:23:36 -07:00
executor.h
Do 1 level of recursion on libunwind crashes
2023-09-19 06:50:05 -07:00
fork_client.cc
Bulk IWYU and build_cleaner fixes
2023-08-24 06:23:36 -07:00
fork_client.h
Seccomp_unotify based monitor
2023-03-08 08:09:34 -08:00
forkingclient.cc
Bulk IWYU and build_cleaner fixes
2023-08-24 06:23:36 -07:00
forkingclient.h
forkserver_bin.cc
Gather more coverage data
2023-09-07 02:43:04 -07:00
forkserver_test.cc
Bulk IWYU and build_cleaner fixes
2023-08-24 06:23:36 -07:00
forkserver.cc
Gather more coverage data
2023-09-07 02:43:04 -07:00
forkserver.h
Always override forkservers comms_fd in sandboxee
2023-08-30 02:20:56 -07:00
forkserver.proto
Treat libunwind sandbox as a ~regular sandboxee
2023-08-17 13:32:44 -07:00
global_forkclient_lib_ctor.cc
global_forkclient.cc
Bulk IWYU and build_cleaner fixes
2023-08-24 06:23:36 -07:00
global_forkclient.h
Bulk IWYU and build_cleaner fixes
2023-08-24 06:23:36 -07:00
ipc_test.cc
Run more tests with sanitizers and coverage
2023-09-05 07:14:49 -07:00
ipc.cc
Bulk IWYU and build_cleaner fixes
2023-08-24 06:23:36 -07:00
ipc.h
Bulk IWYU and build_cleaner fixes
2023-08-24 06:23:36 -07:00
limits_test.cc
Skip sanitizers for limits_test
2023-09-15 04:57:24 -07:00
limits.h
logserver.cc
logserver.h
logserver.proto
logsink.cc
Bulk IWYU and build_cleaner fixes
2023-08-24 06:23:36 -07:00
logsink.h
monitor_base.cc
Do 1 level of recursion on libunwind crashes
2023-09-19 06:50:05 -07:00
monitor_base.h
Bulk IWYU and build_cleaner fixes
2023-08-24 06:23:36 -07:00
monitor_ptrace.cc
PtraceMonitor: Add a hard deadline for waiting for kill to take effect
2023-09-06 04:38:51 -07:00
monitor_ptrace.h
PtraceMonitor: Add a hard deadline for waiting for kill to take effect
2023-09-06 04:38:51 -07:00
monitor_unotify.cc
Reduce CHECK-failures in unotify monitor
2023-08-30 02:56:16 -07:00
monitor_unotify.h
Reduce CHECK-failures in unotify monitor
2023-08-30 02:56:16 -07:00
mount_tree.proto
mounts_test.cc
Bulk IWYU and build_cleaner fixes
2023-08-24 06:23:36 -07:00
mounts.cc
Final round of IWYU fixes for Sandbox2
2023-08-25 06:50:29 -07:00
mounts.h
Bulk IWYU and build_cleaner fixes
2023-08-24 06:23:36 -07:00
namespace_test.cc
namespace_test: use lstat instead of stat, don't descent into procfs & sysfs
2023-09-14 02:09:12 -07:00
namespace.cc
Final round of IWYU fixes for Sandbox2
2023-08-25 06:50:29 -07:00
namespace.h
Bulk IWYU and build_cleaner fixes
2023-08-24 06:23:36 -07:00
network_proxy_test.cc
NetworkProxyTest: test more error conditions
2023-09-05 02:17:25 -07:00
notify_test.cc
Bulk IWYU and build_cleaner fixes
2023-08-24 06:23:36 -07:00
notify.h
policy_test.cc
Ensure that TCMalloc can execute NumCPUs.
2023-09-15 08:21:13 -07:00
policy.cc
Disallow clone3, unsafe clone and unshare flags
2023-09-12 06:30:45 -07:00
policy.h
Final round of IWYU fixes for Sandbox2
2023-08-25 06:50:29 -07:00
policybuilder_test.cc
PolicyBuilder: test error conditions for AddPolicyOnSyscalls
2023-09-05 07:13:56 -07:00
policybuilder.cc
Ensure that TCMalloc can execute NumCPUs.
2023-09-15 08:21:13 -07:00
policybuilder.h
Run more tests with coverage enabled
2023-08-31 00:44:23 -07:00
README.md
regs_test.cc
Final round of IWYU fixes for Sandbox2
2023-08-25 06:50:29 -07:00
regs.cc
Bulk IWYU and build_cleaner fixes
2023-08-24 06:23:36 -07:00
regs.h
Final round of IWYU fixes for Sandbox2
2023-08-25 06:50:29 -07:00
result.cc
Bulk IWYU and build_cleaner fixes
2023-08-24 06:23:36 -07:00
result.h
Final round of IWYU fixes for Sandbox2
2023-08-25 06:50:29 -07:00
sandbox2_test.cc
Bulk IWYU and build_cleaner fixes
2023-08-24 06:23:36 -07:00
sandbox2.cc
Bulk IWYU and build_cleaner fixes
2023-08-24 06:23:36 -07:00
sandbox2.h
Bulk IWYU and build_cleaner fixes
2023-08-24 06:23:36 -07:00
sanitizer_test.cc
Bulk IWYU and build_cleaner fixes
2023-08-24 06:23:36 -07:00
sanitizer.cc
Bulk IWYU and build_cleaner fixes
2023-08-24 06:23:36 -07:00
sanitizer.h
Final round of IWYU fixes for Sandbox2
2023-08-25 06:50:29 -07:00
stack_trace_test.cc
Do 1 level of recursion on libunwind crashes
2023-09-19 06:50:05 -07:00
stack_trace.cc
Do 1 level of recursion on libunwind crashes
2023-09-19 06:50:05 -07:00
stack_trace.h
Do 1 level of recursion on libunwind crashes
2023-09-19 06:50:05 -07:00
syscall_defs.cc
Add missing Aarch64 syscall entries
2023-09-05 02:03:36 -07:00
syscall_defs.h
syscall_test.cc
Bulk IWYU and build_cleaner fixes
2023-08-24 06:23:36 -07:00
syscall.cc
Bulk IWYU and build_cleaner fixes
2023-08-24 06:23:36 -07:00
syscall.h
Seccomp_unotify based monitor
2023-03-08 08:09:34 -08:00
testing.h
Add IWYU pragma
2023-08-23 07:14:21 -07:00
util_test.cc
Bulk IWYU and build_cleaner fixes
2023-08-24 06:23:36 -07:00
util.cc
Remove deprecated VecStringToCharPtrArr
2023-09-07 03:09:30 -07:00
util.h
Remove deprecated VecStringToCharPtrArr
2023-09-07 03:09:30 -07:00
violation.proto
Add field to track policy source location
2023-02-24 07:55:23 -08:00

README.md

Sandbox2

Sandbox2 is a C++ security sandbox for Linux which can be used to run untrusted programs or portions of programs in confined environments. The idea is that the runtime environment is so restricted that security bugs such as buffer overflows in the protected region cause no harm.

Documentation

Detailed developer documentation is available on the Google Developers site for Sandboxed API under Sandbox2.

There is also a Getting Started guide for Sandbox2.