SANDBOX_INIT(3) Library Functions Manual SANDBOX_INIT(3)

sandbox_init, sandbox_free_errorset process sandbox (DEPRECATED)

#include <sandbox.h>

int
sandbox_init(const char *profile, uint64_t flags, char **errorbuf);

void
sandbox_free_error(char *errorbuf);

The () and () functions are DEPRECATED. Developers who wish to sandbox an app should instead adopt the App Sandbox feature described in the App Sandbox Design Guide.

The () function places the current process into a sandbox(7). The NUL-terminated string profile specifies the profile to be used to configure the sandbox. The flags specified are formed by 'ing the following values:

The profile argument specifies a sandbox profile named by one of the constants given in the AVAILABLE PROFILES section below.

The out parameter *errorbuf will be set according to the error status.

Upon successful completion of sandbox_init(), a value of 0 is returned and *errorbuf is set to NULL. In the event of an error, a value of -1 is returned and *errorbuf is set to a pointer to a NUL-terminated string describing the error. This string may contain embedded newlines. This error information is suitable for developers and is not intended for end users. This pointer should be passed to sandbox_free_error(3) to release the allocated storage when it is no longer needed.

The following are brief descriptions of each available profile. Keep in mind that sandbox(7) restrictions are typically enforced at resource acquisition time.

TCP/IP networking is prohibited. DEPRECATED.
All sockets-based networking is prohibited. DEPRECATED.
File system writes are prohibited. DEPRECATED.
File system writes are restricted to the temporary folder /var/tmp and the folder specified by the confstr(3) configuration variable _CS_DARWIN_USER_TEMP_DIR. DEPRECATED.
All operating system services are prohibited. DEPRECATED.

sandbox-exec(1), sandbox(7), sandboxd(8)

March 9, 2017 Mac OS X