Code to enable sandboxing. More...
#include "orconfig.h"#include <stdio.h>#include <string.h>#include <stdlib.h>#include "sandbox.h"#include "container.h"#include "torlog.h"#include "torint.h"#include "util.h"#include "tor_queue.h"#include "ht.h"
Macros | |
| #define | _LARGEFILE64_SOURCE |
| #define | MALLOC_MP_LIM (20*1024*1024) |
| #define | DEBUGGING_CLOSE |
Functions | |
| sandbox_cfg_t * | sandbox_cfg_new (void) |
| int | sandbox_init (sandbox_cfg_t *cfg) |
| int | sandbox_cfg_allow_open_filename (sandbox_cfg_t **cfg, char *file) |
| int | sandbox_cfg_allow_openat_filename (sandbox_cfg_t **cfg, char *file) |
| int | sandbox_cfg_allow_stat_filename (sandbox_cfg_t **cfg, char *file) |
| int | sandbox_cfg_allow_chown_filename (sandbox_cfg_t **cfg, char *file) |
| int | sandbox_cfg_allow_chmod_filename (sandbox_cfg_t **cfg, char *file) |
| int | sandbox_cfg_allow_rename (sandbox_cfg_t **cfg, char *file1, char *file2) |
| int | sandbox_is_active (void) |
| void | sandbox_disable_getaddrinfo_cache (void) |
Detailed Description
Code to enable sandboxing.
Macro Definition Documentation
◆ _LARGEFILE64_SOURCE
| #define _LARGEFILE64_SOURCE |
Temporarily required for O_LARGEFILE flag. Needs to be removed with the libevent fix.
◆ MALLOC_MP_LIM
| #define MALLOC_MP_LIM (20*1024*1024) |
Malloc mprotect limit in bytes.
28/06/2017: This value was increased from 16 MB to 20 MB after we introduced LZMA support in Tor (0.3.1.1-alpha). We limit our LZMA coder to 16 MB, but liblzma have a small overhead that we need to compensate for to avoid being killed by the sandbox.
Function Documentation
◆ sandbox_cfg_allow_open_filename()
| int sandbox_cfg_allow_open_filename | ( | sandbox_cfg_t ** | cfg, |
| char * | file | ||
| ) |
Function used to add a open allowed filename to a supplied configuration. The (char*) specifies the path to the allowed file; we take ownership of the pointer.
◆ sandbox_cfg_allow_openat_filename()
| int sandbox_cfg_allow_openat_filename | ( | sandbox_cfg_t ** | cfg, |
| char * | file | ||
| ) |
Function used to add a openat allowed filename to a supplied configuration. The (char*) specifies the path to the allowed file; we steal the pointer to that file.
◆ sandbox_cfg_allow_stat_filename()
| int sandbox_cfg_allow_stat_filename | ( | sandbox_cfg_t ** | cfg, |
| char * | file | ||
| ) |
Function used to add a stat/stat64 allowed filename to a configuration. The (char*) specifies the path to the allowed file; that pointer is stolen.
◆ sandbox_cfg_new()
| sandbox_cfg_t* sandbox_cfg_new | ( | void | ) |
Creates an empty sandbox configuration file.
◆ sandbox_init()
| int sandbox_init | ( | sandbox_cfg_t * | cfg | ) |
Function used to initialise a sandbox configuration.
◆ sandbox_is_active()
| int sandbox_is_active | ( | void | ) |
Return true iff the sandbox is turned on.
