evalbox_sandbox/lib.rs
1//! evalbox-sandbox: Sandbox orchestration
2//!
3//! This crate provides secure sandboxed execution of untrusted code on Linux.
4//! It combines multiple isolation mechanisms for defense in depth:
5//!
//! - **User namespaces** - Unprivileged containers; UID 0 inside the sandbox maps to the unprivileged real user outside
7//! - **Mount namespaces** - Private filesystem view with minimal bind mounts
8//! - **Pivot root** - Change root directory, unmount host filesystem
//! - **Landlock** - Filesystem and network access control (kernel 5.13+; network rules require a newer Landlock ABI than filesystem rules, so they are only enforced on kernels that provide it)
10//! - **Seccomp-BPF** - Syscall whitelist (~40 allowed syscalls)
11//! - **Rlimits** - Resource limits (memory, CPU, files, processes)
12//!
13//! ## Quick Start
14//!
15//! ```ignore
16//! use evalbox_sandbox::{Executor, Plan};
17//!
18//! let plan = Plan::new(["echo", "hello"]);
19//! let output = Executor::run(plan)?;
20//! assert_eq!(output.stdout, b"hello\n");
21//! ```
22//!
23//! ## Requirements
24//!
25//! - Linux kernel 5.13+ (for Landlock ABI 1+)
//! - User namespaces enabled (`/proc/sys/kernel/unprivileged_userns_clone = 1`; this sysctl name is distribution-specific, so check your kernel's user-namespace settings)
27//! - Seccomp enabled in kernel
28
// Crate-wide lint allowances for `as` casts that may truncate or drop the sign.
// NOTE(review): a crate-wide allow silences every narrowing cast in the crate,
// including any used for resource limits or sizes; consider scoping these
// allows to the specific casts (or using `try_from`) so that newly added
// truncating casts are still flagged by clippy.
#![allow(clippy::cast_possible_truncation)]
#![allow(clippy::cast_sign_loss)]

// Public modules making up the sandbox crate; see each module's own docs.
pub mod executor;
pub mod isolation;
pub mod monitor;
pub mod plan;
pub mod resolve;
pub mod sysinfo;
pub mod validate;
pub mod workspace;

// Re-exports so the most commonly used types are reachable from the crate root
// (e.g. `evalbox_sandbox::Plan` instead of `evalbox_sandbox::plan::Plan`).
pub use executor::{Event, Executor, ExecutorError, SandboxId};
pub use monitor::{Output, Status};
pub use plan::{Landlock, Mount, Plan, Syscalls, UserFile};
pub use resolve::{resolve_binary, ResolvedBinary, ResolveError};

// Backwards compatibility
// `SandboxPlan` is deprecated (hence the `allow`) and hidden from rustdoc;
// the re-export is kept only so existing callers continue to compile.
#[allow(deprecated)]
#[doc(hidden)]
pub use plan::SandboxPlan;