Diffstat (limited to 'src/cli/sandbox.cpp')
-rw-r--r-- | src/cli/sandbox.cpp | 44 |
1 files changed, 44 insertions, 0 deletions
diff --git a/src/cli/sandbox.cpp b/src/cli/sandbox.cpp
new file mode 100644
index 000000000..90eaf8b89
--- /dev/null
+++ b/src/cli/sandbox.cpp
@@ -0,0 +1,44 @@
+/*
+* (C) 2019 David Carlier <[email protected]>
+*
+* Botan is released under the Simplified BSD License (see license.txt)
+*/
+
+#include "sandbox.h"
+#include <botan/build.h>
+
+#if defined(BOTAN_TARGET_OS_HAS_PLEDGE)
+ #include <unistd.h>
+#elif defined(BOTAN_TARGET_OS_HAS_CAP_ENTER)
+ #include <sys/capsicum.h>
+#endif
+
+namespace Botan_CLI {
+
+Sandbox::Sandbox()
+ {
+#if defined(BOTAN_TARGET_OS_HAS_PLEDGE)
+ m_name = "pledge";
+#elif defined(BOTAN_TARGET_OS_HAS_CAP_ENTER)
+ m_name = "capsicum";
+#else
+ m_name = "<none>";
+#endif
+ }
+
+bool Sandbox::init()
+ {
+#if defined(BOTAN_TARGET_OS_HAS_PLEDGE)
+ const static char *opts = "stdio rpath inet error";
+ return (::pledge(opts, nullptr) == 0);
+#elif defined(BOTAN_TARGET_OS_HAS_CAP_ENTER)
+ return (::cap_enter() == 0);
+#else
+ return true;
+#endif
+ }
+
+Sandbox::~Sandbox()
+ {
+ }
+} |
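Review bot: In `Sandbox::init()` the `#else` branch returns `true` when neither pledge nor Capsicum is compiled in, so a caller that checks only the return value cannot tell "confined" from "no sandbox available"; the only signal is the `"<none>"` name set in the constructor. A comment above `init()` should state that contract, e.g. `// Returns true when no sandbox backend is built in; check the name before reporting the process as confined`, since the callers are outside this hunk. The two real backends also differ in strength: the pledge promises keep `rpath` and `inet`, while `cap_enter()` puts the process in capability mode, where global namespaces such as path-based `open()` are cut off, so it is worth documenting what must already be opened before `init()` is called. The `error` promise makes a pledge violation fail with `ENOSYS` instead of killing the process, and a one-line comment next to `opts` would record that this weaker mode is deliberate. As a style point, `const static char *opts` leaves the pointer itself mutable; `static const char* const opts = "stdio rpath inet error";` is the tighter form.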