tabox/lib.rs
1// This Source Code Form is subject to the terms of the Mozilla Public
2// License, v. 2.0. If a copy of the MPL was not distributed with this
3// file, You can obtain one at http://mozilla.org/MPL/2.0/.
4// SPDX-License-Identifier: MPL-2.0
5
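//! [Docs](https://docs.rs/tabox)
//! [crates.io](https://crates.io/crates/tabox)
//!
//! A sandbox for task-maker and TuringArena
//!
//! ### What does it do
//! tabox allows you to do two things:
//! - launch a process in a secure environment, where it cannot damage the host machine
//! - measure and limit the resource usage (CPU time, memory) of the process
//!
//! The [`Sandbox`] trait exposes [`Sandbox::is_secure`], so callers can check whether the
//! implementation selected for the current platform is considered secure before running
//! untrusted code in it.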
15
16#[cfg(target_os = "linux")]
17#[macro_use]
18extern crate lazy_static;
19
20#[cfg(target_os = "linux")]
21#[macro_use]
22extern crate log;
23
24pub mod configuration;
25pub mod result;
26pub mod syscall_filter;
27
28mod util;
29
30#[cfg(target_os = "linux")]
31mod linux;
32
33#[cfg(target_os = "macos")]
34mod macos;
35
/// The sandbox implementation, selected at compile time from the target OS.
///
/// On Linux this is `linux::LinuxSandbox`.
#[cfg(target_os = "linux")]
pub type SandboxImplementation = linux::LinuxSandbox;

/// The sandbox implementation, selected at compile time from the target OS.
///
/// On macOS this is `macos::MacOSSandbox`.
// NOTE(review): the two backends need not offer the same isolation guarantees; callers
// should consult `Sandbox::is_secure` rather than assume. Confirm against each backend.
#[cfg(target_os = "macos")]
pub type SandboxImplementation = macos::MacOSSandbox;

// Fail the build on any other OS rather than compile a crate with no sandbox backend.
#[cfg(not(any(target_os = "linux", target_os = "macos")))]
compile_error!("TAbox not supported on your operating system");
46#[cfg(test)]
47mod tests;
48
/// Crate-wide result alias whose error type is `anyhow::Error`.
pub type Result<T> = anyhow::Result<T>;
51
/// Common interface implemented by every sandbox backend.
pub trait Sandbox {
    /// Start the sandbox described by `config`, returning the sandbox value on success.
    fn run(config: configuration::SandboxConfiguration) -> Result<Self>
    where
        Self: Sized;

    /// Wait for the sandboxed process to terminate and return its execution result.
    ///
    /// Takes `self` by value, so a sandbox cannot be waited on twice.
    fn wait(self) -> Result<result::SandboxExecutionResult>;

    /// Return `true` if this sandbox implementation is secure.
    ///
    /// NOTE(review): presumably meant to be checked before running untrusted code; what
    /// "secure" covers for each backend is not visible from this file, so confirm.
    fn is_secure() -> bool;
}