StarMirror/sandboxed-api
1
0
Fork 0
mirror of https://github.com/google/sandboxed-api.git synced 2024-03-22 13:11:30 +08:00
Code Issues Projects Releases Wiki Activity
aff27f4559
sandboxed-api/sandboxed_api
History
Sandboxed API Team aff27f4559 Update PolicyBuilder to include wrappers for more syscall families that differ between platforms. 
New wrappers:

- `AllowEpollWait` (`epoll_wait`, `epoll_pwait`, `epoll_pwait2`)
- `AllowInotifyInit` (`inotify_init`, `inotify_init1`)
- `AllowSelect` (`select`, `pselect6`)
- `AllowDup` (`dup`, `dup2`, `dup3`)
- `AllowPipe` (`pipe`, `pipe2`)
- `AllowChmod` (`chmod`, `fchmod`, `fchmodat`)
- `AllowChown` (`chown`, `lchown`, `fchown`, `fchownat`)
- `AllowReadlink` (`readlink`, `readlinkat`)
- `AllowLink` (`link`, `linkat`)
- `AllowSymlink` (`symlink`, `symlinkat`)
- `AllowMkdir` (`mkdir`, `mkdirat`)
- `AllowUtime` (`utime`, `utimes`, `futimens`, `utimensat`)
- `AllowAlarm` (`alarm`, `setitimer`)
- `AllowGetPGIDs` (`getpgid`, `getpgrp`)
- `AllowPoll` (`poll`, `ppoll`)

Updated wrappers:

- `AllowOpen` now includes `creat`. `openat` already grants the ability to create files, and is the designated replacement for `creat` on newer platforms.
- `AllowStat` now includes `fstatfs` and `fstatfs64`. The comment already claimed that these syscalls were included; I believe they were omitted by accident.
- `AllowUnlink` now includes `rmdir`. `unlinkat` already grants the ability to remove empty directories, and is the designated replacement for `rmdir` on newer platforms.

PiperOrigin-RevId: 495045432
Change-Id: I41eccb74fda250b27586b6b7fe4c480332e48846
2022-12-13 09:32:17 -08:00
..
bazel Handle S2 unwinding by trapping ptrace 2022-11-30 06:00:29 -08:00
docs Update references to the new documentation 2021-12-14 09:03:29 -08:00
examples Internal change 2022-11-29 00:48:47 -08:00
sandbox2 Update PolicyBuilder to include wrappers for more syscall families that differ between platforms. 2022-12-13 09:32:17 -08:00
tools clang_generator: Implement limit_scan_depth feature 2022-11-23 09:09:50 -08:00
util Internal compatible_with change 2022-11-28 09:55:57 -08:00
BUILD.bazel Internal compatible_with change 2022-11-28 09:55:57 -08:00
call.h Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
client.cc Use Abseil's log/flags instead of glog/gflags 2022-10-20 06:48:51 -07:00
CMakeLists.txt Use Abseil's log/flags instead of glog/gflags 2022-10-20 06:48:51 -07:00
config.h For the SECCOMP event, check if the event msg is in the range of one of the known architectures. 2022-08-31 08:09:37 -07:00
embed_file.cc Use Abseil's log/flags instead of glog/gflags 2022-10-20 06:48:51 -07:00
embed_file.h Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
file_toc.h Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
lenval_core.h Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
proto_arg.proto Migration of remaining protobufs from proto2 to proto3 2022-03-16 00:43:46 -07:00
proto_helper.cc Change to proto2::MessageLite and resolve reflextion for mobile builds 2022-03-03 04:48:30 -08:00
proto_helper.h Change to proto2::MessageLite and resolve reflextion for mobile builds 2022-03-03 04:48:30 -08:00
rpcchannel.cc Use Abseil's log/flags instead of glog/gflags 2022-10-20 06:48:51 -07:00
rpcchannel.h Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
sandbox.cc Use Abseil's log/flags instead of glog/gflags 2022-10-20 06:48:51 -07:00
sandbox.h Internal Changes 2022-05-19 04:55:24 -07:00
sapi_test.cc #Cleanup: Consistently use std::make_unique 2022-10-12 05:23:42 -07:00
testing.cc bazel: Drop dependency on util/flags.h in runfiles helper 2022-04-20 04:46:08 -07:00
testing.h This change introduces internal experimental support for Android. 2022-06-08 06:51:41 -07:00
transaction.cc Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
transaction.h Use Abseil's log/flags instead of glog/gflags 2022-10-20 06:48:51 -07:00
var_abstract.cc Use Abseil's log/flags instead of glog/gflags 2022-10-20 06:48:51 -07:00
var_abstract.h Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
var_array.h Use Abseil's log/flags instead of glog/gflags 2022-10-20 06:48:51 -07:00
var_int.cc Use Abseil's log/flags instead of glog/gflags 2022-10-20 06:48:51 -07:00
var_int.h Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
var_lenval.cc Use Abseil's log/flags instead of glog/gflags 2022-10-20 06:48:51 -07:00
var_lenval.h Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
var_proto.h #Cleanup: Consistently use std::make_unique 2022-10-12 05:23:42 -07:00
var_ptr.h Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
var_reg.h Use Abseil's log/flags instead of glog/gflags 2022-10-20 06:48:51 -07:00
var_struct.h Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
var_type.h Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
var_void.h Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
vars.h Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00