mirror of
https://github.com/google/sandboxed-api.git
synced 2024-03-22 13:11:30 +08:00
c6b8e301e4
These where inadvertently introduced in an internal cleanup change. This change also removes a C++17-ism in var_proto.h. To make things easier for downstream projects, we should stick to C++11 for the time being. PiperOrigin-RevId: 271117700 Change-Id: I4eaacec88be16e1a561d3f77a61acce0a1af0b9d
42 lines
1.5 KiB
Python
42 lines
1.5 KiB
Python
# Copyright 2019 Google LLC. All Rights Reserved.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
# The 'tool' example demonstrates:
|
|
# - a sandbox executor, sandboxee would be another program
|
|
# - sandboxee sandboxed before execve
|
|
# - very lax, separate sandbox policy written with BPFDSL
|
|
# - expose file descriptors to executor with ReceiveFd
|
|
# - set limits, wall time, filesystem checks, asynchronous run
|
|
# - test to ensure sandbox executor runs sandboxee without issue
|
|
|
|
licenses(["notice"])
|
|
|
|
load("//sandboxed_api/bazel:build_defs.bzl", "sapi_platform_copts")
|
|
|
|
# Executor
|
|
cc_binary(
|
|
name = "sandbox2tool",
|
|
srcs = ["sandbox2tool.cc"],
|
|
copts = sapi_platform_copts(),
|
|
deps = [
|
|
"//sandboxed_api/sandbox2",
|
|
"//sandboxed_api/sandbox2:util",
|
|
"//sandboxed_api/sandbox2/util:bpf_helper",
|
|
"//sandboxed_api/util:flags",
|
|
"@com_google_absl//absl/memory",
|
|
"@com_google_absl//absl/strings",
|
|
"@com_google_absl//absl/strings:str_format",
|
|
],
|
|
)
|