sandlock_core/process.rs
1// Nesting-detection helpers used by sandbox.rs.
2
3use std::sync::atomic::{AtomicBool, Ordering};
4
5// ============================================================
6// Nesting detection
7// ============================================================
8
/// Process-wide marker that this process has been confined.
///
/// Set after seccomp confinement in the child process; any subsequent
/// Sandbox in this process is nested. The initial value is `false`.
///
/// This is per-process state, so on its own it cannot reveal confinement
/// that a different process set up. `is_nested` therefore also checks
/// `/proc/self/status`.
// NOTE(review): the store of `true` is not visible in this listing
// (presumably in sandbox.rs) — confirm it happens only once the filter is
// actually installed, so the flag never claims confinement that failed.
pub(crate) static CONFINED: AtomicBool = AtomicBool::new(false);
12
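/// Report whether this process is already running inside a sandbox.
///
/// Two signals are checked, in this order:
///
/// 1. The in-process `CONFINED` flag.
/// 2. The `Seccomp:` field of `/proc/self/status`, where the value `2`
///    means a seccomp filter is active. This catches cross-process nesting
///    (e.g. `sandlock run -- python agent.py` where agent.py creates inner
///    sandboxes).
///
/// # Caveats
///
/// * The `/proc` check is best-effort. If `/proc/self/status` cannot be read
///   (for example because `/proc` is not mounted) or has no `Seccomp:` line,
///   the function returns `false`. A `false` result is therefore "no
///   evidence of confinement", not proof that the process is unconfined.
/// * `Seccomp: 2` only says that *some* seccomp filter is installed, not who
///   installed it. A filter applied by a container runtime or service
///   manager is reported as nested as well.
/// * Strict mode (`Seccomp: 1`) is not treated as nested.
pub fn is_nested() -> bool {
    // A relaxed load is enough: only the flag's own value is consumed here.
    if CONFINED.load(Ordering::Relaxed) {
        return true;
    }

    let status = match std::fs::read_to_string("/proc/self/status") {
        Ok(text) => text,
        // Unreadable /proc: fall back to "not nested" (see Caveats above).
        Err(_) => return false,
    };

    // Compare the whole field instead of its last character, so that only the
    // exact value `2` (filter mode) counts. The first `Seccomp:` line decides.
    status
        .lines()
        .find_map(|line| line.strip_prefix("Seccomp:"))
        .map_or(false, |mode| mode.trim() == "2")
}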