// SPDX-License-Identifier: 0BSD

///////////////////////////////////////////////////////////////////////////////
//
/// \file       sandbox.h
/// \brief      Sandbox support
///
/// Declarations for the process sandboxing helpers. The implementation is
/// not in this header; only the entry points and the compile-time switch
/// ENABLE_SANDBOX are visible here.
//
//  Author:     Lasse Collin
//
///////////////////////////////////////////////////////////////////////////////

// ENABLE_SANDBOX is the single compile-time switch that callers should test.
// It is set when the build detected at least one supported mechanism:
// HAVE_PLEDGE (presumably OpenBSD pledge(2)), HAVE_LINUX_LANDLOCK (Linux
// Landlock) or HAVE_CAP_RIGHTS_LIMIT (presumably FreeBSD Capsicum
// cap_rights_limit(2)). When none is available the macro stays undefined;
// how the functions below behave in that case is decided by their
// definitions, which are not visible in this file.
#if defined(HAVE_PLEDGE) || defined(HAVE_LINUX_LANDLOCK) \
		|| defined(HAVE_CAP_RIGHTS_LIMIT)
#	define ENABLE_SANDBOX 1
#endif


/// \brief      Enables early sandboxing that can always be enabled
///
/// This requires that tuklib_progname() and io_init() have been called.
/// NOTE(review): the ordering requirement is a precondition, not something
/// this function can check; call sites must honor it before any later
/// sandbox_enable_*() call.
extern void sandbox_init(void);


/// \brief      Enable sandboxing that only allows opening files for reading
///
/// Once enabled, the process is expected to be unable to create or write
/// files; whether this is enforced or a no-op depends on the mechanism
/// selected by ENABLE_SANDBOX (see the definition in sandbox.c).
extern void sandbox_enable_read_only(void);


/// \brief      Tell sandboxing code that strict sandboxing can be used
///
/// This function only sets a flag which will be read by
/// sandbox_enable_strict_if_allowed(). It does not change the sandbox
/// state by itself.
extern void sandbox_allow_strict(void);


/// \brief      Enable sandboxing that allows reading from one file
///
/// This does nothing if sandbox_allow_strict() hasn't been called.
///
/// The pipe descriptors are passed so that they can be kept usable under
/// the strict sandbox — presumably so the user-abort mechanism in file_io.c
/// still works after file access has been restricted; confirm against the
/// definition.
///
/// \param      src_fd          File descriptor open for reading
/// \param      pipe_event_fd   user_abort_pipe[0] from file_io.c
/// \param      pipe_write_fd   user_abort_pipe[1] from file_io.c
extern void sandbox_enable_strict_if_allowed(
		int src_fd, int pipe_event_fd, int pipe_write_fd);