Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

sandbox_init(3) [osx man page]

SANDBOX_INIT(3) 					   BSD Library Functions Manual 					   SANDBOX_INIT(3)

sandbox_init, sandbox_free_error -- set process sandbox (DEPRECATED) SYNOPSIS
#include <sandbox.h> int sandbox_init(const char *profile, uint64_t flags, char **errorbuf); void sandbox_free_error(char *errorbuf); DESCRIPTION
The sandbox_init() and sandbox_free_error() functions are DEPRECATED. Developers who wish to sandbox an app should instead adopt the App Sandbox feature described in the App Sandbox Design Guide. The sandbox_init() function places the current process into a sandbox(7). The NUL-terminated string profile specifies the profile to be used to configure the sandbox. The flags specified are formed by or'ing the following values: SANDBOX_NAMED The profile argument specifies a sandbox profile named by one of the constants given in the AVAILABLE PROFILES sec- tion below. The out parameter *errorbuf will be set according to the error status. RETURN VALUES
Upon successful completion of sandbox_init(), a value of 0 is returned and *errorbuf is set to NULL. In the event of an error, a value of -1 is returned and *errorbuf is set to a pointer to a NUL-terminated string describing the error. This string may contain embedded newlines. This error information is suitable for developers and is not intended for end users. This pointer should be passed to sandbox_free_error(3) to release the allocated storage when it is no longer needed. AVAILABLE PROFILES
The following are brief descriptions of each available profile. Keep in mind that sandbox(7) restrictions are typically enforced at resource acquisition time. kSBXProfileNoInternet TCP/IP networking is prohibited. kSBXProfileNoNetwork All sockets-based networking is prohibited. kSBXProfileNoWrite File system writes are prohibited. kSBXProfileNoWriteExceptTemporary File system writes are restricted to the temporary folder /var/tmp and the folder specified by the confstr(3) configuration variable _CS_DARWIN_USER_TEMP_DIR. kSBXProfilePureComputation All operating system services are prohibited. SEE ALSO
sandbox-exec(1), sandbox(7), sandboxd(8) Mac OS X November 15, 2011 Mac OS X

Check Out this Related Man Page


runkit_sandbox_output_handler - Specify a function to capture and/or process output from a runkit sandbox

mixed runkit_sandbox_output_handler (object $sandbox, [mixed $callback]) DESCRIPTION
Ordinarily, anything output (such as with echo(3) or print(3)) will be output as though it were printed from the parent's scope. Using runkit_sandbox_output_handler(3) however, output generated by the sandbox (including errors), can be captured by a function outside of the sandbox. Note Sandbox support (required for runkit_lint(3), runkit_lint_file(3), and the Runkit_Sandbox class) is only available as of PHP 5.1.0 or specially patched versions of PHP 5.0, and requires that thread safety be enabled. See the README file included in the runkit package for more information. Note Deprecated As of runkit version 0.5, this function is deprecated and is scheduled to be removed from the package prior to a 1.0 release. The output handler for a given Runkit_Sandbox instance may be read/set using the array offset syntax shown on the Runkit_Sandbox class definition page. PARAMETERS
o $sandbox - Object instance of Runkit_Sandbox class on which to set output handling. o $callback - Name of a function which expects one parameter. Output generated by $sandbox will be passed to this callback. Anything returned by the callback will be displayed normally. If this parameter is not passed then output handling will not be changed. If a non- truth value is passed, output handling will be disabled and will revert to direct display. RETURN VALUES
Returns the name of the previously defined output handler callback, or FALSE if no handler was previously defined. EXAMPLES
Example #1 Feeding output to a variable <?php function capture_output($str) { $GLOBALS['sandbox_output'] .= $str; return ''; } $sandbox_output = ''; $php = new Runkit_Sandbox(); runkit_sandbox_output_handler($php, 'capture_output'); $php->echo("Hello "); $php->eval('var_dump("Excuse me");'); $php->die("I lost myself."); unset($php); echo "Sandbox Complete "; echo $sandbox_output; ?> The above example will output: Sandbox Complete Hello string(9) "Excuse me" I lost myself. PHP Documentation Group RUNKIT_SANDBOX_OUTPUT_HANDLER(3)
Man Page

Featured Tech Videos