sandbox-rs 0.2.1

A comprehensive Rust sandbox implementation that provides process isolation, resource limiting, and syscall filtering for secure program execution.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23

//! Seccomp profiles example

use sandbox_rs::SeccompProfile;

fn main() {
    println!("=== Sandbox RS - Seccomp Profiles ===\n");

    println!("Available seccomp profiles:\n");

    for profile in SeccompProfile::all() {
        println!("Profile: {:?}", profile);
        println!("  Description: {}", profile.description());

        // Note: Actual syscall filtering would require kernel-level seccomp
        // For now, we just demonstrate the API
        println!("  Note: Syscall filtering requires root and proper seccomp setup\n");
    }

    println!("\nProfile Usage Example:");
    println!("  let sandbox = SandboxBuilder::new(\"my-box\")");
    println!("    .seccomp_profile(SeccompProfile::IoHeavy)");
    println!("    .build()?;");
}