26 wiersze
665 B
C
26 wiersze
665 B
C
|
#ifndef SANDBOX_H
|
||
|
#define SANDBOX_H
|
||
|
#include <vector>
|
||
|
class Sandbox
|
||
|
{
|
||
|
public:
|
||
|
Sandbox()
|
||
|
{
|
||
|
}
|
||
|
/* Whether the platform has everything required to active all sandbnox modes */
|
||
|
virtual bool supported() = 0;
|
||
|
|
||
|
/* Activated early. At this point, we need more system calls
|
||
|
* than later on */
|
||
|
virtual bool enableForInit() = 0;
|
||
|
|
||
|
/* Activated after config has been read. Now we now which paths we need access to */
|
||
|
virtual bool enablePreWorker(std::vector<std::string> fsPaths) = 0;
|
||
|
|
||
|
/* Activated after we have acquired resources (bound to ports etc.)
|
||
|
*
|
||
|
* This should allow us to further restrcit the process */
|
||
|
virtual bool enableForWorker() = 0;
|
||
|
};
|
||
|
#endif
|