OFSandbox.h

/*
 * Copyright (c) 2008-2024 Jonathan Schleifer <js@nil.im>
 *
 * All rights reserved.
 *
 * This program is free software: you can redistribute it and/or modify it
 * under the terms of the GNU Lesser General Public License version 3.0 only,
 * as published by the Free Software Foundation.
 *
 * This program is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License
 * version 3.0 for more details.
 *
 * You should have received a copy of the GNU Lesser General Public License
 * version 3.0 along with this program. If not, see
 * <https://www.gnu.org/licenses/>.
 */
 
#import "OFObject.h"
 
OF_ASSUME_NONNULL_BEGIN
 
@class OFArray OF_GENERIC(ObjectType);
@class OFMutableArray OF_GENERIC(ObjectType);
@class OFPair OF_GENERIC(FirstType, SecondType);
 
typedef OFPair OF_GENERIC(OFString *, OFString *) *OFSandboxUnveilPath;
 
OF_SUBCLASSING_RESTRICTED
@interface OFSandbox: OFObject <OFCopying>
{
    unsigned int _allowsStdIO: 1;
    unsigned int _allowsReadingFiles: 1;
    unsigned int _allowsWritingFiles: 1;
    unsigned int _allowsCreatingFiles: 1;
    unsigned int _allowsCreatingSpecialFiles: 1;
    unsigned int _allowsTemporaryFiles: 1;
    unsigned int _allowsIPSockets: 1;
    unsigned int _allowsMulticastSockets: 1;
    unsigned int _allowsChangingFileAttributes: 1;
    unsigned int _allowsFileOwnerChanges: 1;
    unsigned int _allowsFileLocks: 1;
    unsigned int _allowsUNIXSockets: 1;
    unsigned int _allowsDNS: 1;
    unsigned int _allowsUserDatabaseReading: 1;
    unsigned int _allowsFileDescriptorSending: 1;
    unsigned int _allowsFileDescriptorReceiving: 1;
    unsigned int _allowsTape: 1;
    unsigned int _allowsTTY: 1;
    unsigned int _allowsProcessOperations: 1;
    unsigned int _allowsExec: 1;
    unsigned int _allowsProtExec: 1;
    unsigned int _allowsSetTime: 1;
    unsigned int _allowsPS: 1;
    unsigned int _allowsVMInfo: 1;
    unsigned int _allowsChangingProcessRights: 1;
    unsigned int _allowsPF: 1;
    unsigned int _allowsAudio: 1;
    unsigned int _allowsBPF: 1;
    unsigned int _allowsUnveil: 1;
    unsigned int _returnsErrors: 1;
    OFMutableArray OF_GENERIC(OFSandboxUnveilPath) *_unveiledPaths;
@public
    size_t _unveiledPathsIndex;
}
 
@property (nonatomic) bool allowsStdIO;
@property (nonatomic) bool allowsReadingFiles;
@property (nonatomic) bool allowsWritingFiles;
@property (nonatomic) bool allowsCreatingFiles;
@property (nonatomic) bool allowsCreatingSpecialFiles;
@property (nonatomic) bool allowsTemporaryFiles;
@property (nonatomic) bool allowsIPSockets;
@property (nonatomic) bool allowsMulticastSockets;
@property (nonatomic) bool allowsChangingFileAttributes;
@property (nonatomic) bool allowsFileOwnerChanges;
@property (nonatomic) bool allowsFileLocks;
@property (nonatomic) bool allowsUNIXSockets;
@property (nonatomic) bool allowsDNS;
@property (nonatomic) bool allowsUserDatabaseReading;
@property (nonatomic) bool allowsFileDescriptorSending;
@property (nonatomic) bool allowsFileDescriptorReceiving;
@property (nonatomic) bool allowsTape;
@property (nonatomic) bool allowsTTY;
@property (nonatomic) bool allowsProcessOperations;
@property (nonatomic) bool allowsExec;
@property (nonatomic) bool allowsProtExec;
@property (nonatomic) bool allowsSetTime;
@property (nonatomic) bool allowsPS;
@property (nonatomic) bool allowsVMInfo;
@property (nonatomic) bool allowsChangingProcessRights;
@property (nonatomic) bool allowsPF;
@property (nonatomic) bool allowsAudio;
@property (nonatomic) bool allowsBPF;
@property (nonatomic) bool allowsUnveil;
@property (nonatomic) bool returnsErrors;
#ifdef OF_HAVE_PLEDGE
@property (readonly, nonatomic) OFString *pledgeString;
#endif
@property (readonly, nonatomic)
    OFArray OF_GENERIC(OFSandboxUnveilPath) *unveiledPaths;
 
+ (instancetype)sandbox;
- (void)unveilPath: (OFString *)path permissions: (OFString *)permissions;
@end
 
OF_ASSUME_NONNULL_END