Header file for sandbox.c. More...
Go to the source code of this file.
Macros | |
| #define | SYS_SECCOMP 1 |
| #define | sandbox_getaddrinfo(name, servname, hints, res) getaddrinfo((name),(servname), (hints),(res)) |
| #define | sandbox_add_addrinfo(name) ((void)(name)) |
| #define | sandbox_freeaddrinfo(addrinfo) freeaddrinfo((addrinfo)) |
| #define | sandbox_free_getaddrinfo_cache() |
| #define | sandbox_intern_string(s) (s) |
Typedefs | |
| typedef struct sandbox_cfg_elem | sandbox_cfg_t |
Functions | |
| sandbox_cfg_t * | sandbox_cfg_new (void) |
| int | sandbox_cfg_allow_open_filename (sandbox_cfg_t **cfg, char *file) |
| int | sandbox_cfg_allow_chmod_filename (sandbox_cfg_t **cfg, char *file) |
| int | sandbox_cfg_allow_chown_filename (sandbox_cfg_t **cfg, char *file) |
| int | sandbox_cfg_allow_rename (sandbox_cfg_t **cfg, char *file1, char *file2) |
| int | sandbox_cfg_allow_openat_filename (sandbox_cfg_t **cfg, char *file) |
| int | sandbox_cfg_allow_stat_filename (sandbox_cfg_t **cfg, char *file) |
| int | sandbox_init (sandbox_cfg_t *cfg) |
| int | sandbox_is_active (void) |
| void | sandbox_disable_getaddrinfo_cache (void) |
Detailed Description
Header file for sandbox.c.
Macro Definition Documentation
◆ sandbox_getaddrinfo
| #define sandbox_getaddrinfo | ( | name, | |
| servname, | |||
| hints, | |||
| res | |||
| ) | getaddrinfo((name),(servname), (hints),(res)) |
Linux definitions
◆ SYS_SECCOMP
| #define SYS_SECCOMP 1 |
Used by SIGSYS signal handler to check if the signal was issued due to a seccomp2 filter violation.
Typedef Documentation
◆ sandbox_cfg_t
| typedef struct sandbox_cfg_elem sandbox_cfg_t |
Typedef to structure used to manage a sandbox configuration.
Function Documentation
◆ sandbox_cfg_allow_open_filename()
| int sandbox_cfg_allow_open_filename | ( | sandbox_cfg_t ** | cfg, |
| char * | file | ||
| ) |
Function used to add a open allowed filename to a supplied configuration. The (char*) specifies the path to the allowed file; we take ownership of the pointer.
◆ sandbox_cfg_allow_openat_filename()
| int sandbox_cfg_allow_openat_filename | ( | sandbox_cfg_t ** | cfg, |
| char * | file | ||
| ) |
Function used to add a openat allowed filename to a supplied configuration. The (char*) specifies the path to the allowed file; we steal the pointer to that file.
◆ sandbox_cfg_allow_stat_filename()
| int sandbox_cfg_allow_stat_filename | ( | sandbox_cfg_t ** | cfg, |
| char * | file | ||
| ) |
Function used to add a stat/stat64 allowed filename to a configuration. The (char*) specifies the path to the allowed file; that pointer is stolen.
◆ sandbox_cfg_new()
| sandbox_cfg_t* sandbox_cfg_new | ( | void | ) |
Creates an empty sandbox configuration file.
◆ sandbox_init()
| int sandbox_init | ( | sandbox_cfg_t * | cfg | ) |
Function used to initialise a sandbox configuration.
◆ sandbox_is_active()
| int sandbox_is_active | ( | void | ) |
Return true iff the sandbox is turned on.
