Google Git
Sign in
android / platform / external / sandboxed-api / 2f1ebe273deefb6f841a870460179951a4f3420a / . / sandboxed_api / sandbox2
tree: dba86aa092e72129aaf47fd276b778c4af15a5bc [path history] [tgz]
  1. allowlists/
  2. examples/
  3. network_proxy/
  4. testcases/
  5. unwind/
  6. util/
  7. allow_all_syscalls.h
  8. allow_map_exec.h
  9. allow_seccomp_speculation.h
  10. allow_unrestricted_networking.h
  11. bpf_evaluator.cc
  12. bpf_evaluator.h
  13. bpf_evaluator_test.cc
  14. bpfdisassembler.cc
  15. bpfdisassembler.h
  16. bpfdisassembler_test.cc
  17. buffer.cc
  18. buffer.h
  19. buffer_test.cc
  20. BUILD
  21. client.cc
  22. client.h
  23. CMakeLists.txt
  24. comms.cc
  25. comms.h
  26. comms_test.cc
  27. comms_test.proto
  28. executor.cc
  29. executor.h
  30. fork_client.cc
  31. fork_client.h
  32. forkingclient.cc
  33. forkingclient.h
  34. forkserver.cc
  35. forkserver.h
  36. forkserver.proto
  37. forkserver_bin.cc
  38. forkserver_test.cc
  39. global_forkclient.cc
  40. global_forkclient.h
  41. global_forkclient_lib_ctor.cc
  42. ipc.cc
  43. ipc.h
  44. ipc_test.cc
  45. limits.h
  46. limits_test.cc
  47. logserver.cc
  48. logserver.h
  49. logserver.proto
  50. logsink.cc
  51. logsink.h
  52. monitor_base.cc
  53. monitor_base.h
  54. monitor_ptrace.cc
  55. monitor_ptrace.h
  56. monitor_unotify.cc
  57. monitor_unotify.h
  58. mount_tree.proto
  59. mounts.cc
  60. mounts.h
  61. mounts_test.cc
  62. namespace.cc
  63. namespace.h
  64. namespace_test.cc
  65. network_proxy_test.cc
  66. notify.h
  67. notify_test.cc
  68. policy.cc
  69. policy.h
  70. policy_test.cc
  71. policybuilder.cc
  72. policybuilder.h
  73. policybuilder_test.cc
  74. README.md
  75. regs.cc
  76. regs.h
  77. regs_test.cc
  78. result.cc
  79. result.h
  80. sandbox2.cc
  81. sandbox2.h
  82. sandbox2_test.cc
  83. sanitizer.cc
  84. sanitizer.h
  85. sanitizer_test.cc
  86. stack_trace.cc
  87. stack_trace.h
  88. stack_trace_test.cc
  89. syscall.cc
  90. syscall.h
  91. syscall_defs.cc
  92. syscall_defs.h
  93. syscall_test.cc
  94. testing.h
  95. trace_all_syscalls.h
  96. util.cc
  97. util.h
  98. util_test.cc
sandboxed_api/sandbox2/README.md

Sandbox2

Sandbox2 is a C++ security sandbox for Linux which can be used to run untrusted programs or portions of programs in confined environments. The idea is that the runtime environment is so restricted that security bugs such as buffer overflows in the protected region cause no harm.

Documentation

Detailed developer documentation is available on the Google Developers site for Sandboxed API under Sandbox2.

There is also a Getting Started guide for Sandbox2.