Lines Matching full:sandbox
30 #include "sandbox/linux/seccomp-bpf/sandbox_bpf.h"
31 #include "sandbox/linux/services/linux_syscalls.h"
33 using sandbox::ErrorCode;
34 using sandbox::SandboxBPF;
35 using sandbox::arch_seccomp_data;
39 // We don't expect our sandbox to do anything useful yet. So, we will fail
41 // following line should be removed as soon as the sandbox is starting to
216 // log the system call and then deny it. More elaborate sandbox policies
240 ErrorCode Evaluator(SandboxBPF* sandbox, int sysno, void *) {
329 return sandbox->Cond(1, ErrorCode::TP_32BIT, ErrorCode::OP_EQUAL,
332 sandbox->Cond(1, ErrorCode::TP_32BIT, ErrorCode::OP_EQUAL,
335 sandbox->Trap(DefaultHandler, NULL)));
340 // As is, this sandbox isn't exactly safe :-/
370 return sandbox->Trap(DefaultHandler, NULL);
418 perror("sandbox");
421 SandboxBPF sandbox;
422 sandbox.set_proc_fd(proc_fd);
423 sandbox.SetSandboxPolicyDeprecated(Evaluator, NULL);
424 sandbox.StartSandbox();
507 // Print a message so that the user can see the sandbox is activated.
509 printf("Sandbox has been started at %s", ctime(&tm));
