sandboxed-api/sandboxed_api/sandbox2
Wiktor Garbacz cd945565f5 Run more tests with coverage and sanitizers
Running with a permissive test policy should not interfere with sanitizers
or coverage.
Most tests should run with such a permissive policy.
The exceptions are tests which actually test policy enforcement.

PiperOrigin-RevId: 513548936
Change-Id: I9a4c2cc8074997cff08cc22d15f4736219ce4d63
2023-03-02 08:46:07 -08:00
examples Change the default action instead of appending ALLOW 2023-03-01 05:36:24 -08:00
network_proxy Use SyscallTrap in NetworkProxy 2022-11-30 05:47:44 -08:00
testcases Test stack unwinding more thoroughly 2023-03-02 05:09:49 -08:00
unwind Remove unused UnwindResult.ip, reuse RunLibUnwindAndSymbolizer 2023-03-02 02:40:15 -08:00
util Introduce SyscallTrap helper class 2022-11-30 05:21:12 -08:00
allow_all_syscalls.h Change the default action instead of appending ALLOW 2023-03-01 05:36:24 -08:00
bpfdisassembler.cc Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
bpfdisassembler.h Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
buffer_test.cc Use namespaced policy in most tests 2023-02-16 07:12:46 -08:00
buffer.cc Remove Tag constructor, add standard comment for absl::WrapUnique(new T) 2022-10-25 06:20:51 -07:00
buffer.h Remove Tag constructor, add standard comment for absl::WrapUnique(new T) 2022-10-25 06:20:51 -07:00
BUILD.bazel Run more tests with coverage and sanitizers 2023-03-02 08:46:07 -08:00
client.cc #Cleanup: Consistently use std::make_unique 2022-10-12 05:23:42 -07:00
client.h Sandbox2: Graciously handle mapping over Comms/Exec fds 2022-10-10 09:39:01 -07:00
CMakeLists.txt Run more tests with coverage and sanitizers 2023-03-02 08:46:07 -08:00
comms_test.cc Use Abseil's log/flags instead of glog/gflags 2022-10-20 06:48:51 -07:00
comms_test.proto Migration of remaining protobufs from proto2 to proto3 2022-03-16 00:43:46 -07:00
comms.cc contrib: Replace uses of CHECK_NOTNULL 2022-10-25 05:50:59 -07:00
comms.h Sandbox2: Graciously handle mapping over Comms/Exec fds 2022-10-10 09:39:01 -07:00
executor.cc Extract SandboxeeProcess and move it down the call chain 2023-02-07 02:22:45 -08:00
executor.h Extract SandboxeeProcess and move it down the call chain 2023-02-07 02:22:45 -08:00
fork_client.cc Extract SandboxeeProcess and move it down the call chain 2023-02-07 02:22:45 -08:00
fork_client.h Extract SandboxeeProcess and move it down the call chain 2023-02-07 02:22:45 -08:00
forkingclient.cc Use Abseil's log/flags instead of glog/gflags 2022-10-20 06:48:51 -07:00
forkingclient.h Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
forkserver_bin.cc Use Abseil's log/flags instead of glog/gflags 2022-10-20 06:48:51 -07:00
forkserver_test.cc Extract SandboxeeProcess and move it down the call chain 2023-02-07 02:22:45 -08:00
forkserver.cc Remove AllowUnsafeKeepCapabilities() 2023-02-02 04:47:02 -08:00
forkserver.h stack_trace: pass fd to sandboxee's memory instead of using process_vm_readv 2023-01-19 05:44:50 -08:00
forkserver.proto Migrate forkserver.proto to proto3 syntax 2022-03-14 07:28:23 -07:00
global_forkclient_lib_ctor.cc Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
global_forkclient.cc Remove unused dependency 2023-02-15 11:35:14 -08:00
global_forkclient.h Extract SandboxeeProcess and move it down the call chain 2023-02-07 02:22:45 -08:00
ipc_test.cc Change the default action instead of appending ALLOW 2023-03-01 05:36:24 -08:00
ipc.cc Use Abseil's log/flags instead of glog/gflags 2022-10-20 06:48:51 -07:00
ipc.h Split PtraceMonitor out of Monitor 2023-01-23 01:42:28 -08:00
limits_test.cc Change the default action instead of appending ALLOW 2023-03-01 05:36:24 -08:00
limits.h Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
logserver.cc Use Abseil's log/flags instead of glog/gflags 2022-10-20 06:48:51 -07:00
logserver.h Use Abseil's log/flags instead of glog/gflags 2022-10-20 06:48:51 -07:00
logserver.proto Migration of remaining protobufs from proto2 to proto3 2022-03-16 00:43:46 -07:00
logsink.cc Use Abseil's log/flags instead of glog/gflags 2022-10-20 06:48:51 -07:00
logsink.h Use Abseil's log/flags instead of glog/gflags 2022-10-20 06:48:51 -07:00
monitor_base.cc Decouple sandboxed stack tracing 2023-02-16 06:07:15 -08:00
monitor_base.h Decouple sandboxed stack tracing 2023-02-16 06:07:15 -08:00
monitor_ptrace.cc Decouple sandboxed stack tracing 2023-02-16 06:07:15 -08:00
monitor_ptrace.h Decouple sandboxed stack tracing 2023-02-16 06:07:15 -08:00
mount_tree.proto Migrate to proto3, change is_ro to is_rw (default value is false), and rename mounttree.proto 2022-03-14 05:15:15 -07:00
mounts_test.cc Use namespaced policy in most tests 2023-02-16 07:12:46 -08:00
mounts.cc Protobuf doesn't directly support heterogeneous lookup with absl::string_view 2023-01-19 07:32:03 -08:00
mounts.h stack_trace: pass fd to sandboxee's memory instead of using process_vm_readv 2023-01-19 05:44:50 -08:00
namespace_test.cc Change the default action instead of appending ALLOW 2023-03-01 05:36:24 -08:00
namespace.cc Rename and move CreateDirRecursive 2023-02-16 10:44:01 -08:00
namespace.h Remove AllowUnsafeKeepCapabilities() 2023-02-02 04:47:02 -08:00
notify_test.cc Use namespaced policy in most tests 2023-02-16 07:12:46 -08:00
notify.h Use Abseil's log/flags instead of glog/gflags 2022-10-20 06:48:51 -07:00
policy_test.cc Use namespaced policy in most tests 2023-02-16 07:12:46 -08:00
policy.cc Update IfThenChange after monitor split 2023-02-02 05:17:03 -08:00
policy.h Use namespaced policy in most tests 2023-02-16 07:12:46 -08:00
policybuilder_test.cc Change the default action instead of appending ALLOW 2023-03-01 05:36:24 -08:00
policybuilder.cc Change the default action instead of appending ALLOW 2023-03-01 05:36:24 -08:00
policybuilder.h Change the default action instead of appending ALLOW 2023-03-01 05:36:24 -08:00
README.md Update references to the new documentation 2021-12-14 09:03:29 -08:00
regs_test.cc Use Abseil's log/flags instead of glog/gflags 2022-10-20 06:48:51 -07:00
regs.cc Remove OsErrorMessage in favor of Abseil's new ErrnoToStatus 2022-04-21 06:15:38 -07:00
regs.h Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
result.cc Full syscall info in Result::ToString 2023-01-12 03:57:44 -08:00
result.h #Cleanup: Consistently use std::make_unique 2022-10-12 05:23:42 -07:00
sandbox2_test.cc Run more tests with coverage and sanitizers 2023-03-02 08:46:07 -08:00
sandbox2.cc Decouple sandboxed stack tracing 2023-02-16 06:07:15 -08:00
sandbox2.h Split PtraceMonitor into separate file 2023-01-30 05:09:20 -08:00
sanitizer_test.cc Change the default action instead of appending ALLOW 2023-03-01 05:36:24 -08:00
sanitizer.cc Remove OsErrorMessage in favor of Abseil's new ErrnoToStatus 2022-04-21 06:15:38 -07:00
sanitizer.h Delete deprecated ::sandbox2::Sandbox2::WaitForTsan and its remaining call sites. 2022-02-03 11:23:56 -08:00
stack_trace_test.cc Test stack unwinding more thoroughly 2023-03-02 05:09:49 -08:00
stack_trace.cc Decouple sandboxed stack tracing 2023-02-16 06:07:15 -08:00
stack_trace.h Decouple sandboxed stack tracing 2023-02-16 06:07:15 -08:00
syscall_defs.cc More precise syscall_defs 2022-12-22 05:00:48 -08:00
syscall_defs.h Make code not have a -Warray-parameter warning. 2022-08-15 22:55:51 -07:00
syscall_test.cc Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
syscall.cc Use Abseil's log/flags instead of glog/gflags 2022-10-20 06:48:51 -07:00
syscall.h Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
testing.h Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
util_test.cc Rename and move CreateDirRecursive 2023-02-16 10:44:01 -08:00
util.cc Rename and move CreateDirRecursive 2023-02-16 10:44:01 -08:00
util.h Rename and move CreateDirRecursive 2023-02-16 10:44:01 -08:00
violation.proto Add field to track policy source location 2023-02-24 07:55:23 -08:00

Sandbox2

Sandbox2 is a C++ security sandbox for Linux which can be used to run untrusted programs or portions of programs in confined environments. The idea is that the runtime environment is so restricted that security bugs such as buffer overflows in the protected region cause no harm.

Documentation

Detailed developer documentation is available on the Google Developers site for Sandboxed API under Sandbox2.

There is also a Getting Started guide for Sandbox2.