SANDBOX_INIT(3) BSD Library Functions Manual SANDBOX_INIT(3)
NAME
sandbox_init, sandbox_free_error -- set process sandbox
SYNOPSIS
#include <sandbox.h>
int
sandbox_init(const char *profile, uint64_t flags, char **errorbuf);
void
sandbox_free_error(char *errorbuf);
DESCRIPTION
sandbox_init() places the current process into a sandbox(7). The NUL-terminated string profile specifies
the profile to be used to configure the sandbox. The flags specified are formed by or'ing the
following values:
SANDBOX_NAMED The profile argument specifies a sandbox profile named by one of the constants
given in the AVAILABLE PROFILES section below.
The out parameter *errorbuf will be set according to the error status.
RETURN VALUES
Upon successful completion of sandbox_init(), a value of 0 is returned and *errorbuf is set to NULL.
In the event of an error, a value of -1 is returned and *errorbuf is set to a pointer to a NUL-terminated
string describing the error. This string may contain embedded newlines. This error information
is suitable for developers and is not intended for end users. This pointer should be passed to
sandbox_free_error(3) to release the allocated storage when it is no longer needed.
AVAILABLE PROFILES
The following are brief descriptions of each available profile. Keep in mind that sandbox(7) restrictions
are typically enforced at resource acquisition time.
kSBXProfileNoInternet TCP/IP networking is prohibited.
kSBXProfileNoNetwork All sockets-based networking is prohibited.
kSBXProfileNoWrite File system writes are prohibited.
kSBXProfileNoWriteExceptTemporary File system writes are restricted to the temporary folder /var/tmp
and the folder specified by the confstr(3) configuration variable
_CS_DARWIN_USER_TEMP_DIR.
kSBXProfilePureComputation All operating system services are prohibited.
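The following program is an added example and is not part of this manual page. It shows the calling convention described in RETURN VALUES (a multi-line developer message released with sandbox_free_error()) and checks the point made above that restrictions are enforced at resource acquisition time: a file descriptor obtained before entering kSBXProfileNoWrite stays writable, while a new open(2) for writing afterwards is refused. The helper names enter_sandbox, log_error_lines and check_no_write_enforcement and the scratch paths under /tmp are the example's own choices. <sandbox.h> is only present on macOS, so on other platforms the sandbox calls are compiled out and reported as unavailable.

```c
/* Added example (not from the man page): enter a named sandbox profile with
 * sandbox_init(3), report failure the way the page prescribes, and verify that
 * kSBXProfileNoWrite is enforced at resource acquisition time.
 * <sandbox.h> exists only on macOS; elsewhere the calls are compiled out. */
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

#ifdef __APPLE__
#include <sandbox.h>
#endif

enum sandbox_status { SB_OK = 0, SB_FAILED = -1, SB_UNAVAILABLE = -2 };

/* The error string from sandbox_init() may contain embedded newlines. Emit it one
 * line at a time with a fixed prefix so a log collector keeps the lines together.
 * With out == NULL nothing is printed; the line count is still returned. */
int log_error_lines(const char *err, FILE *out)
{
    int lines = 0;
    while (*err != '\0') {
        size_t len = strcspn(err, "\n");
        if (out)
            fprintf(out, "sandbox_init: %.*s\n", (int)len, err);
        lines++;
        err += len;
        if (*err == '\n')
            err++;
    }
    return lines;
}

/* Apply the named profile. On failure the message is logged for developers and
 * released with sandbox_free_error(3); on success *errorbuf is NULL and nothing
 * needs freeing. */
enum sandbox_status enter_sandbox(const char *profile, FILE *log)
{
#ifdef __APPLE__
    char *errorbuf = NULL;
    if (sandbox_init(profile, SANDBOX_NAMED, &errorbuf) == 0)
        return SB_OK;
    if (errorbuf != NULL) {
        log_error_lines(errorbuf, log);
        sandbox_free_error(errorbuf);
    }
    return SB_FAILED;
#else
    (void)profile;
    fprintf(log, "sandbox_init(3) is not available on this platform\n");
    return SB_UNAVAILABLE;
#endif
}

/* Restrictions are enforced when a resource is acquired: a descriptor opened for
 * writing before the sandbox is entered keeps working, while a fresh open(2) for
 * writing afterwards must fail. Returns 1 when both observations match the
 * documented behaviour, 0 when the restriction did not hold, -1 on setup failure
 * or when the sandbox is unavailable. Paths are caller-chosen scratch files. */
int check_no_write_enforcement(const char *path_before, const char *path_after)
{
#ifdef __APPLE__
    int pre = open(path_before, O_WRONLY | O_CREAT | O_TRUNC, 0600);
    if (pre < 0)
        return -1;
    if (enter_sandbox(kSBXProfileNoWrite, stderr) != SB_OK) {
        close(pre);
        return -1;
    }
    /* Already-acquired descriptor: the write still succeeds. */
    int pre_ok = write(pre, "ok\n", 3) == 3;
    close(pre);
    /* New acquisition: opening for writing must be refused. */
    int post = open(path_after, O_WRONLY | O_CREAT | O_TRUNC, 0600);
    int post_refused = (post < 0);
    if (post >= 0)
        close(post);
    return (pre_ok && post_refused) ? 1 : 0;
#else
    (void)path_before;
    (void)path_after;
    return -1;
#endif
}

int main(void)
{
    /* The sandbox is process-wide and cannot be left, so the check is the last thing done. */
    int r = check_no_write_enforcement("/tmp/sbx_before.txt", "/tmp/sbx_after.txt");
    if (r == 1)
        puts("kSBXProfileNoWrite enforced as documented");
    else if (r == 0)
        puts("WARNING: write restriction did not hold");
    else
        puts("sandbox unavailable or setup failed");
    return r == 1 ? 0 : 1;
}
```

Because sandbox_init() cannot be undone within the process, a program that wants to confirm its own confinement should acquire everything it legitimately needs first, enter the sandbox once, and treat a successful forbidden acquisition afterwards as a configuration error worth logging.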
SEE ALSO
sandbox-exec(1), sandbox(7), sandbox-compilerd(8)
Mac OS X July 7, 2007 Mac OS X