Code to enable sandboxing. More...

#include "orconfig.h"
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <errno.h>
#include "lib/sandbox/sandbox.h"
#include "lib/container/map.h"
#include "lib/err/torerr.h"
#include "lib/log/log.h"
#include "lib/cc/torint.h"
#include "lib/malloc/malloc.h"
#include "lib/string/scanf.h"
#include "ext/tor_queue.h"
#include "ext/ht.h"
#include "ext/siphash.h"

Macros
#define	_LARGEFILE64_SOURCE

#define	MALLOC_MP_LIM (2010241024)

#define	DEBUGGING_CLOSE

Functions
sandbox_cfg_t *	sandbox_cfg_new (void)

int	sandbox_init (sandbox_cfg_t *cfg)

int	sandbox_cfg_allow_open_filename (sandbox_cfg_t *cfg, char file)

int	sandbox_cfg_allow_openat_filename (sandbox_cfg_t *cfg, char file)

int	sandbox_cfg_allow_opendir_dirname (sandbox_cfg_t *cfg, char dir)

int	sandbox_cfg_allow_stat_filename (sandbox_cfg_t *cfg, char file)

int	sandbox_cfg_allow_chown_filename (sandbox_cfg_t *cfg, char file)

int	sandbox_cfg_allow_chmod_filename (sandbox_cfg_t *cfg, char file)

int	sandbox_cfg_allow_rename (sandbox_cfg_t *cfg, char file1, char *file2)

int	sandbox_is_active (void)

Detailed Description

Code to enable sandboxing.

Definition in file sandbox.c.

Macro Definition Documentation

◆ _LARGEFILE64_SOURCE

#define _LARGEFILE64_SOURCE

Temporarily required for O_LARGEFILE flag. Needs to be removed with the libevent fix.

Definition at line 19 of file sandbox.c.

◆ MALLOC_MP_LIM

#define MALLOC_MP_LIM (20*1024*1024)

Malloc mprotect limit in bytes.

28/06/2017: This value was increased from 16 MB to 20 MB after we introduced LZMA support in Tor (0.3.1.1-alpha). We limit our LZMA coder to 16 MB, but liblzma have a small overhead that we need to compensate for to avoid being killed by the sandbox.

Definition at line 29 of file sandbox.c.

Function Documentation

◆ sandbox_cfg_allow_open_filename()

int sandbox_cfg_allow_open_filename	(	sandbox_cfg_t **	cfg,
		char *	file
	)

Function used to add a open allowed filename to a supplied configuration. The (char*) specifies the path to the allowed file; we take ownership of the pointer.

Definition at line 1904 of file sandbox.c.

◆ sandbox_cfg_allow_openat_filename()

int sandbox_cfg_allow_openat_filename	(	sandbox_cfg_t **	cfg,
		char *	file
	)

Function used to add a openat allowed filename to a supplied configuration. The (char*) specifies the path to the allowed file; we steal the pointer to that file.

Definition at line 1911 of file sandbox.c.

◆ sandbox_cfg_allow_opendir_dirname()

int sandbox_cfg_allow_opendir_dirname	(	sandbox_cfg_t **	cfg,
		char *	dir
	)

Function used to add a opendir allowed filename to a supplied configuration. The (char*) specifies the path to the allowed dir; we steal the pointer to that dir.

Definition at line 1918 of file sandbox.c.

◆ sandbox_cfg_allow_stat_filename()

int sandbox_cfg_allow_stat_filename	(	sandbox_cfg_t **	cfg,
		char *	file
	)

Function used to add a stat/stat64 allowed filename to a configuration. The (char*) specifies the path to the allowed file; that pointer is stolen.

Definition at line 1925 of file sandbox.c.

◆ sandbox_cfg_new()

sandbox_cfg_t* sandbox_cfg_new ( void )

Creates an empty sandbox configuration file.

Definition at line 1874 of file sandbox.c.

◆ sandbox_init()

int sandbox_init ( sandbox_cfg_t * cfg )

Function used to initialise a sandbox configuration.

Definition at line 1880 of file sandbox.c.

◆ sandbox_is_active()

int sandbox_is_active ( void )

Return true iff the sandbox is turned on.

Definition at line 1953 of file sandbox.c.

Referenced by routerparse_init().

Macros

Functions