StarMirror/sandboxed-api
1
0
Fork 0
mirror of https://github.com/google/sandboxed-api.git synced 2024-03-22 13:11:30 +08:00
Code Issues Projects Releases Wiki Activity
dbaf95c724
sandboxed-api/oss-internship-2020/libarchive
History
Christian Blichmann dbaf95c724 Move utility code into sandboxed_api/util 
This change should make it less confusing where utility code comes from.
Having it in two places made sense when we were debating whether to publish
Sandbox2 separately, but not any longer.

Follow-up changes will move `sandbox2/util.h` and rename the remaining
`sandbox2/util` folder.

PiperOrigin-RevId: 351601640
Change-Id: I6256845261f610e590c25e2c59851cc51da2d778
2021-01-13 09:25:52 -08:00
..
examples Move utility code into sandboxed_api/util 2021-01-13 09:25:52 -08:00
ld_preload_example Move utility code into sandboxed_api/util 2021-01-13 09:25:52 -08:00
patches renamed main project folder 2020-09-28 15:35:51 +00:00
test Move utility code into sandboxed_api/util 2021-01-13 09:25:52 -08:00
.gitignore Modified sandbox to limit ioctl. Use .value() instead of manually checking .ok(). 2020-10-02 15:52:29 +00:00
CMakeLists.txt Added ld_preload example usage 2020-10-08 10:58:21 +00:00
functions_to_sandbox.txt renamed main project folder 2020-09-28 15:35:51 +00:00
README.md added empty line at the end of files (was removed by clang-format) 2020-10-07 14:36:24 +00:00

README.md

libarchive Sandboxed API

Sandboxed version of the libarchive minitar example using Sandboxed API.

Build

mkdir -p build && cd build
cmake .. -G Ninja
cmake --build .

The example binary file can be found at build/examples/sapi_minitar and the unit tests at build/test/sapi_minitar_test.

Patches

The original libarchive code required patching since one of the custom types produced errors with libclang Python byndings. The patches are applied automatically during the build step and they do not modify the functionality of the library. The repository is also fetched automatically.

Examples

In this project, the minitar example is sandboxed. The code is found in the examples directory and is structured as follows:

  • sapi_minitar_main.cc - main function of the minitar tool. This is mostly similar to the original example.
  • sapi_minitar.h and sapi_minitar.cc - The two main functions (CreateArchive and ExtractArchive) and other helper functions.
  • sandbox.h - Custom security policies, depending on the whether the user creates or extracts an archive.

On top of that, unit tests can be found in the test/minitar_test.cc file.

Usage

The unit tests can be executed with ./build/test/sapi_minitar_test.

The sapi_minitar command line tool can be used in the same way as the original example. It is also similar to the tar command, only with fewer options:

./build/examples/sapi_minitar -[options] [-f file] [files]

The available options are:

  • c - Create archive.
  • x - Extract archive.
  • t - Extract archive but only print entries.
  • p - Preserve.
  • v - Verbose.
  • j or y - Compress with BZIP2.
  • Z - Default compression.
  • z - Compress with GZIP.

If no compression method is chosen (in the case of archive creation) the files will only be stored.