author | David Carlier <[email protected]> | 2019-01-13 18:08:00 +0000 |
---|---|---|
committer | David Carlier <[email protected]> | 2019-01-14 15:34:46 +0000 |
commit | 5517207e61343b7c37cb3708f33285b53a6b304b (patch) | |
tree | f703ad5cfaa0882c07836e835f32b68cc1f74d3b /src/lib/utils | |
parent | 738a37784f707f7e0ee10d3eca7d03f7ae4063a5 (diff) |
Sandboxing feature from CLI pov.
No resources to free with actual OS features but might be
of use for later.
Diffstat (limited to 'src/lib/utils')
-rw-r--r-- | src/lib/utils/os_utils.cpp | 16 | ||||
-rw-r--r-- | src/lib/utils/os_utils.h | 8 |
2 files changed, 0 insertions, 24 deletions
diff --git a/src/lib/utils/os_utils.cpp b/src/lib/utils/os_utils.cpp
index 9ec45a8c1..f373ece99 100644
--- a/src/lib/utils/os_utils.cpp
+++ b/src/lib/utils/os_utils.cpp
@@ -45,10 +45,6 @@
 #include <windows.h>
 #endif
 
-#if defined(BOTAN_TARGET_OS_CAP_ENTER)
- #include <sys/capsicum.h>
-#endif
-
 namespace Botan {
 
 // Not defined in OS namespace for historical reasons
@@ -106,18 +102,6 @@ bool OS::running_in_privileged_state()
 #endif
 }
 
-bool OS::sandbox_start()
- {
-#if defined(BOTAN_TARGET_OS_HAS_PLEDGE)
- const static char *opts = "stdio rpath inet";
- return (::pledge(opts, nullptr) == 0);
-#elif defined(BOTAN_TARGET_OS_HAS_CAP_ENTER)
- return (::cap_enter() == 0);
-#else
- return true;
-#endif
- }
-
 uint64_t OS::get_cpu_cycle_counter()
 {
 uint64_t rtc = 0;
diff --git a/src/lib/utils/os_utils.h b/src/lib/utils/os_utils.h
index 53471db88..37a8d3a9c 100644
--- a/src/lib/utils/os_utils.h
+++ b/src/lib/utils/os_utils.h
@@ -34,14 +34,6 @@ namespace OS {
 uint32_t BOTAN_TEST_API get_process_id();
 
 /**
-* Running current context in a sandboxed manner
-* Usually any sandbox solution might allow to
-* adjust down the permissions but never allow
-* to expand them.
-*/
-bool BOTAN_TEST_API sandbox_start();
-
-/**
 * Test if we are currently running with elevated permissions
 * eg setuid, setgid, or with POSIX caps set.
 */
|