sandboxed-api/sandboxed_api/sandbox2/examples/tool/BUILD.bazel
Christian Blichmann 177b969e8c
Sandboxed API OSS release.
PiperOrigin-RevId: 238996664
Change-Id: I9646527e2be68ee0b6b371572b7aafe967102e57

Signed-off-by: Christian Blichmann <cblichmann@google.com>
2019-03-18 19:00:48 +01:00

39 lines
1.4 KiB
Python

# Copyright 2019 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# The 'tool' example demonstrates:
# - a sandbox executor, sandboxee would be another program
# - sandboxee sandboxed before execve
# - very lax, separate sandbox policy written with BPFDSL
# - expose file descriptors to executor with ReceiveFd
# - set limits, wall time, filesystem checks, asynchronous run
# - test to ensure sandbox executor runs sandboxee without issue
licenses(["notice"]) # Apache 2.0
# Executor
cc_binary(
name = "sandbox2tool",
srcs = ["sandbox2tool.cc"],
deps = [
"//sandboxed_api/sandbox2",
"//sandboxed_api/sandbox2:util",
"//sandboxed_api/sandbox2/util:bpf_helper",
"//sandboxed_api/util:flag",
"@com_google_absl//absl/memory",
"@com_google_absl//absl/strings",
"@com_google_absl//absl/strings:str_format",
],
)