OS-level sandbox backends for mimobox.
This crate provides process-level sandbox implementations that conform to the
mimobox-core Sandbox trait. It is responsible for
turning a SandboxConfig into platform-native
isolation mechanisms while preserving the shared SDK result and error model.
The Linux backend (LinuxSandbox) uses the following kernel mechanisms:
- Landlock for filesystem access control.
- Seccomp-bpf for allowlist-based system call filtering.
- Namespaces for PID, network, mount, and IPC isolation.
- setrlimit for memory limits.
The macOS backend (MacOsSandbox) uses Seatbelt through sandbox-exec
where available. The crate also exposes SandboxPool for low-latency reuse
of pre-warmed OS sandboxes on supported platforms.
## Platform Support
| Platform | Status |
|---|---|
| Linux | Complete implementation |
| macOS | Complete implementation (Seatbelt / sandbox-exec) |
| Windows | Planned (AppContainer) |
## Safety Model
Platform backends apply sandbox policy in child processes before command
execution. Linux applies seccomp as the final step before exec, after
resource limits, filesystem restrictions, and namespace setup are in place.
## Structs

The pool types below are re-exported from the crate's warm pool module ("Warm pool types for reusing pre-initialized OS sandboxes.") and are available on Linux or macOS only.

- `LinuxSandbox` (Linux only) - Linux OS-level sandbox backend using Landlock, seccomp-bpf, namespaces, and resource limits.
- `PoolConfig` (Linux or macOS) - Configuration for a `SandboxPool`.
- `PoolStats` (Linux or macOS) - Point-in-time statistics for a `SandboxPool`.
- `PooledSandbox` (Linux or macOS) - Handle for a sandbox checked out from a `SandboxPool`.
- `SandboxPool` (Linux or macOS) - Thread-safe warm pool for OS-level sandboxes.

## Enums

- `PoolError` (Linux or macOS) - Error returned by warm pool operations.

## Functions

- `apply_seccomp` (Linux only) - Applies a Linux seccomp-bpf system call filter for the selected profile.
- `run_pool_benchmark` (Linux or macOS) - Runs a simple pool benchmark comparing cold-start and hot-acquire latency.