Tor  0.4.7.0-alpha-dev
Macros | Typedefs | Functions
sandbox.h File Reference

Header file for sandbox.c. More...

#include "orconfig.h"
#include "lib/cc/torint.h"

Go to the source code of this file.

Macros

#define SYS_SECCOMP   1
 
#define sandbox_intern_string(s)   (s)
 
#define sandbox_interned_string_is_missing(s)   (false)
 

Typedefs

typedef struct sandbox_cfg_elem_t sandbox_cfg_t
 

Functions

sandbox_cfg_tsandbox_cfg_new (void)
 
int sandbox_cfg_allow_open_filename (sandbox_cfg_t **cfg, char *file)
 
int sandbox_cfg_allow_chmod_filename (sandbox_cfg_t **cfg, char *file)
 
int sandbox_cfg_allow_chown_filename (sandbox_cfg_t **cfg, char *file)
 
int sandbox_cfg_allow_rename (sandbox_cfg_t **cfg, char *file1, char *file2)
 
int sandbox_cfg_allow_openat_filename (sandbox_cfg_t **cfg, char *file)
 
int sandbox_cfg_allow_opendir_dirname (sandbox_cfg_t **cfg, char *dir)
 
int sandbox_cfg_allow_stat_filename (sandbox_cfg_t **cfg, char *file)
 
int sandbox_init (sandbox_cfg_t *cfg)
 
int sandbox_is_active (void)
 

Detailed Description

Header file for sandbox.c.

Definition in file sandbox.h.

Macro Definition Documentation

◆ sandbox_intern_string

#define sandbox_intern_string (   s)    (s)

Linux definitions

Definition at line 110 of file sandbox.h.

◆ SYS_SECCOMP

#define SYS_SECCOMP   1

Used by SIGSYS signal handler to check if the signal was issued due to a seccomp2 filter violation.

Definition at line 24 of file sandbox.h.

Typedef Documentation

◆ sandbox_cfg_t

typedef struct sandbox_cfg_elem_t sandbox_cfg_t

Typedef to structure used to manage a sandbox configuration.

Definition at line 1 of file sandbox.h.

Function Documentation

◆ sandbox_cfg_allow_open_filename()

int sandbox_cfg_allow_open_filename ( sandbox_cfg_t **  cfg,
char *  file 
)

Function used to add a open allowed filename to a supplied configuration. The (char*) specifies the path to the allowed file; we take ownership of the pointer.

Definition at line 1904 of file sandbox.c.

◆ sandbox_cfg_allow_openat_filename()

int sandbox_cfg_allow_openat_filename ( sandbox_cfg_t **  cfg,
char *  file 
)

Function used to add a openat allowed filename to a supplied configuration. The (char*) specifies the path to the allowed file; we steal the pointer to that file.

Definition at line 1911 of file sandbox.c.

◆ sandbox_cfg_allow_opendir_dirname()

int sandbox_cfg_allow_opendir_dirname ( sandbox_cfg_t **  cfg,
char *  dir 
)

Function used to add a opendir allowed filename to a supplied configuration. The (char*) specifies the path to the allowed dir; we steal the pointer to that dir.

Definition at line 1918 of file sandbox.c.

◆ sandbox_cfg_allow_stat_filename()

int sandbox_cfg_allow_stat_filename ( sandbox_cfg_t **  cfg,
char *  file 
)

Function used to add a stat/stat64 allowed filename to a configuration. The (char*) specifies the path to the allowed file; that pointer is stolen.

Definition at line 1925 of file sandbox.c.

◆ sandbox_cfg_new()

sandbox_cfg_t* sandbox_cfg_new ( void  )

Creates an empty sandbox configuration file.

Definition at line 1874 of file sandbox.c.

◆ sandbox_init()

int sandbox_init ( sandbox_cfg_t cfg)

Function used to initialise a sandbox configuration.

Definition at line 1880 of file sandbox.c.

◆ sandbox_is_active()

int sandbox_is_active ( void  )

Return true iff the sandbox is turned on.

Definition at line 1953 of file sandbox.c.

Referenced by routerparse_init().

Generated by doxygen 1.9.1