tor  0.4.2.0-alpha-dev
Macros | Typedefs | Functions
sandbox.h File Reference
#include "orconfig.h"
#include "lib/cc/torint.h"

Go to the source code of this file.

Macros

#define SYS_SECCOMP   1
 
#define sandbox_intern_string(s)   (s)
 

Typedefs

typedef struct sandbox_cfg_elem sandbox_cfg_t
 

Functions

sandbox_cfg_tsandbox_cfg_new (void)
 
int sandbox_cfg_allow_open_filename (sandbox_cfg_t **cfg, char *file)
 
int sandbox_cfg_allow_chmod_filename (sandbox_cfg_t **cfg, char *file)
 
int sandbox_cfg_allow_chown_filename (sandbox_cfg_t **cfg, char *file)
 
int sandbox_cfg_allow_rename (sandbox_cfg_t **cfg, char *file1, char *file2)
 
int sandbox_cfg_allow_openat_filename (sandbox_cfg_t **cfg, char *file)
 
int sandbox_cfg_allow_stat_filename (sandbox_cfg_t **cfg, char *file)
 
int sandbox_init (sandbox_cfg_t *cfg)
 
int sandbox_is_active (void)
 

Detailed Description

Header file for sandbox.c.

Definition in file sandbox.h.

Macro Definition Documentation

◆ sandbox_intern_string

#define sandbox_intern_string (   s)    (s)

Linux definitions

Definition at line 112 of file sandbox.h.

◆ SYS_SECCOMP

#define SYS_SECCOMP   1

Used by SIGSYS signal handler to check if the signal was issued due to a seccomp2 filter violation.

Definition at line 24 of file sandbox.h.

Typedef Documentation

◆ sandbox_cfg_t

typedef struct sandbox_cfg_elem sandbox_cfg_t

Typedef to structure used to manage a sandbox configuration.

Definition at line 35 of file sandbox.h.

Function Documentation

◆ sandbox_cfg_allow_open_filename()

int sandbox_cfg_allow_open_filename ( sandbox_cfg_t **  cfg,
char *  file 
)

Function used to add a open allowed filename to a supplied configuration. The (char*) specifies the path to the allowed file; we take ownership of the pointer.

Definition at line 1760 of file sandbox.c.

◆ sandbox_cfg_allow_openat_filename()

int sandbox_cfg_allow_openat_filename ( sandbox_cfg_t **  cfg,
char *  file 
)

Function used to add a openat allowed filename to a supplied configuration. The (char*) specifies the path to the allowed file; we steal the pointer to that file.

Definition at line 1767 of file sandbox.c.

◆ sandbox_cfg_allow_stat_filename()

int sandbox_cfg_allow_stat_filename ( sandbox_cfg_t **  cfg,
char *  file 
)

Function used to add a stat/stat64 allowed filename to a configuration. The (char*) specifies the path to the allowed file; that pointer is stolen.

Definition at line 1774 of file sandbox.c.

◆ sandbox_cfg_new()

sandbox_cfg_t* sandbox_cfg_new ( void  )

Creates an empty sandbox configuration file.

Definition at line 1730 of file sandbox.c.

◆ sandbox_init()

int sandbox_init ( sandbox_cfg_t cfg)

Function used to initialise a sandbox configuration.

Definition at line 1736 of file sandbox.c.

◆ sandbox_is_active()

int sandbox_is_active ( void  )

Return true iff the sandbox is turned on.

Definition at line 1802 of file sandbox.c.

Referenced by routerparse_init().