// sum.c: the plain C library that will be sandboxed. Sandboxed API generates
// a stub API (SumApi) with the same two functions; calls to the stubs are
// forwarded over the RPC layer to this code running inside the sandbox.
typedef struct sum_params_s {
  int a;
  int b;
  int ret;  // output: a + b
} sum_params;

extern int sum(int a, int b) {
  return a + b;
}

// Same computation, but the arguments travel through a struct pointer, so the
// struct itself has to be copied into (and back out of) the sandboxee.
extern void sums(sum_params* params) {
  params->ret = params->a + params->b;
}

What is Sandboxed API?

Sandboxed API helps build sandboxes for C/C++ libraries: after an initial setup of security policies and generation of library interfaces, an almost identical stub API is generated that transparently forwards calls, using a custom RPC layer, to the real library running inside a sandboxed environment.
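The "generation of library interfaces" step is driven by a build rule; that is where the `SumApi` and `SumSandbox` classes used on this page come from. The Bazel BUILD file below is an added example, not the project's own file, wrapping the `sum`/`sums` library shown above; the `load` path and the `alwayslink` setting are assumptions.

```starlark
# BUILD for the sum example (added example; paths are assumptions).
load("//sandboxed_api/bazel:sapi.bzl", "sapi_library")

# The unmodified C library. It is linked into the sandboxee binary that runs
# inside the sandbox; alwayslink keeps sum/sums from being dropped by the
# linker even though nothing in the sandboxee calls them directly.
cc_library(
    name = "sum",
    srcs = ["lib/sum.c"],
    alwayslink = True,
)

# Scans lib/sum.c for the listed functions and generates sum-sapi.sapi.h,
# which declares:
#   - SumApi      : the stub API with sum() and sums(), returning StatusOr
#   - SumSandbox  : the sandbox class whose ModifyPolicy() you override
# lib_name picks the "Sum" prefix; an empty namespace puts both classes in
# the global namespace, matching the snippets on this page.
sapi_library(
    name = "sum-sapi",
    functions = [
        "sum",
        "sums",
    ],
    input_files = ["lib/sum.c"],
    lib = ":sum",
    lib_name = "Sum",
    namespace = "",
)

# The host program: the only code that runs outside the sandbox. It depends
# on the generated target, never on :sum itself.
cc_binary(
    name = "main_sum",
    srcs = ["main_sum.cc"],
    deps = [":sum-sapi"],
)
```

After `bazel build :main_sum`, the host binary embeds the sandboxee and includes the generated header as `sum-sapi.sapi.h`.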
// SumSapiSandbox: the security policy for the sandboxed sum library. The
// generated header (sum-sapi.sapi.h) defines SumSandbox and SumApi; its
// include path depends on your build setup.
#include <sys/syscall.h>  // __NR_* syscall numbers

#include <memory>

#include "sandboxed_api/sandbox2/policy.h"
#include "sandboxed_api/sandbox2/policybuilder.h"
#include "sum-sapi.sapi.h"

class SumSapiSandbox : public SumSandbox {
  // Ignore the default builder passed in and build the policy from scratch:
  // a minimal seccomp allowlist covering only what the sum library and the
  // SAPI RPC layer need. Anything else kills the sandboxee.
  std::unique_ptr<sandbox2::Policy> ModifyPolicy(
      sandbox2::PolicyBuilder*) override {
    return sandbox2::PolicyBuilder()
        .AllowOpen().AllowRead().AllowWrite()
        .AllowStat().AllowSystemMalloc()
        .AllowHandleSignals().AllowExit()
        .AllowTime().AllowSleep()
        .AllowGetPIDs()
        // recvmsg/sendmsg carry the RPC traffic between host and sandboxee.
        .AllowSyscalls({__NR_close, __NR_recvmsg,
            __NR_sendmsg, __NR_lseek, __NR_futex})
        .AddFile("/etc/localtime")
        .BuildOrDie();
  }
};

Fine-grained security policies

In contrast to the typical sandboxed project, where a single security policy must cover the total syscall/resource footprint of all utilized libraries, SAPI-based sandboxes use tightly defined security policies for the critical parts.
// main_sum.cc: the host program. Everything here runs outside the sandbox;
// only the body of the lambda reaches into it, through the SumApi stubs.
#include <cstdio>
#include <string>

#include "absl/memory/memory.h"
#include "sandboxed_api/transaction.h"
#include "sandboxed_api/util/status_macros.h"
#include "sum-sapi.sapi.h"  // generated; include path depends on your build

int main(int argc, char** argv) {
  // The transaction owns the sandbox and restarts it if the sandboxee dies.
  sapi::BasicTransaction tx(absl::make_unique<SumSapiSandbox>());
  int v = 0, a = 1000, b = 337;
  // Run() brings the sandbox up, invokes the lambda, and returns its status.
  sapi::Status status = tx.Run([&v, a, b](sapi::Sandbox* sandbox)
      -> sapi::Status {
    SumApi api(sandbox);
    SAPI_ASSIGN_OR_RETURN(v, api.sum(a, b));  // forwarded over the RPC layer
    return sapi::OkStatus();
  });
  if (!status.ok()) {  // v is meaningless if the sandboxed call failed
    fprintf(stderr, "sandboxed sum() failed: %s\n", status.ToString().c_str());
    return 1;
  }
  printf("%d + %d = %d\n", a, b, v);
  return 0;
}

How do I start?

  1. Learn how Sandboxed API works.
  2. Read the Getting Started guide.
  3. Define a security policy.