2019-08-11 20:10:38 +02:00
|
|
|
#ifndef SANDBOX_H
|
|
|
|
#define SANDBOX_H
|
|
|
|
#include <vector>
|
|
|
|
class Sandbox
|
|
|
|
{
|
2020-09-26 17:03:26 +02:00
|
|
|
public:
|
2019-08-11 20:10:38 +02:00
|
|
|
Sandbox()
|
|
|
|
{
|
|
|
|
}
|
|
|
|
/* Whether the platform has everything required to active all sandbnox modes */
|
|
|
|
virtual bool supported() = 0;
|
|
|
|
|
|
|
|
/* Activated early. At this point, we need more system calls
|
|
|
|
* than later on */
|
|
|
|
virtual bool enableForInit() = 0;
|
|
|
|
|
|
|
|
/* Activated after config has been read. Now we now which paths we need access to */
|
|
|
|
virtual bool enablePreWorker(std::vector<std::string> fsPaths) = 0;
|
|
|
|
|
|
|
|
/* Activated after we have acquired resources (bound to ports etc.)
|
2019-10-02 22:06:19 +02:00
|
|
|
*
|
2019-08-11 20:10:38 +02:00
|
|
|
* This should allow us to further restrcit the process */
|
|
|
|
virtual bool enableForWorker() = 0;
|
|
|
|
};
|
|
|
|
#endif
|