Begin sandboxing support, README updates.

This commit is contained in:
2019-08-11 20:10:38 +02:00
vanhempi d7db1fbe39
commit f83c705230
9 muutettua tiedostoa jossa 398 lisäystä ja 27 poistoa

25
sandbox/sandbox.h Normal file
Näytä tiedosto

@ -0,0 +1,25 @@
#ifndef SANDBOX_H
#define SANDBOX_H
#include <vector>
class Sandbox
{
public:
Sandbox()
{
}
/* Whether the platform has everything required to active all sandbnox modes */
virtual bool supported() = 0;
/* Activated early. At this point, we need more system calls
* than later on */
virtual bool enableForInit() = 0;
/* Activated after config has been read. Now we now which paths we need access to */
virtual bool enablePreWorker(std::vector<std::string> fsPaths) = 0;
/* Activated after we have acquired resources (bound to ports etc.)
*
* This should allow us to further restrcit the process */
virtual bool enableForWorker() = 0;
};
#endif