@anthropic-ai/sandbox-runtime 0.0.28 → 0.0.30
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +12 -1
- package/dist/cli.js +38 -38
- package/dist/cli.js.map +1 -1
- package/dist/index.d.ts +3 -0
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +2 -0
- package/dist/index.js.map +1 -1
- package/dist/sandbox/generate-seccomp-filter.d.ts +14 -8
- package/dist/sandbox/generate-seccomp-filter.d.ts.map +1 -1
- package/dist/sandbox/generate-seccomp-filter.js +118 -45
- package/dist/sandbox/generate-seccomp-filter.js.map +1 -1
- package/dist/sandbox/linux-sandbox-utils.d.ts +27 -5
- package/dist/sandbox/linux-sandbox-utils.d.ts.map +1 -1
- package/dist/sandbox/linux-sandbox-utils.js +49 -39
- package/dist/sandbox/linux-sandbox-utils.js.map +1 -1
- package/dist/sandbox/sandbox-config.d.ts.map +1 -1
- package/dist/sandbox/sandbox-config.js +2 -2
- package/dist/sandbox/sandbox-config.js.map +1 -1
- package/dist/sandbox/sandbox-manager.d.ts +3 -3
- package/dist/sandbox/sandbox-manager.d.ts.map +1 -1
- package/dist/sandbox/sandbox-manager.js +47 -61
- package/dist/sandbox/sandbox-manager.js.map +1 -1
- package/dist/utils/config-loader.d.ts +11 -0
- package/dist/utils/config-loader.d.ts.map +1 -0
- package/dist/utils/config-loader.js +60 -0
- package/dist/utils/config-loader.js.map +1 -0
- package/dist/utils/platform.d.ts +9 -0
- package/dist/utils/platform.d.ts.map +1 -1
- package/dist/utils/platform.js +33 -0
- package/dist/utils/platform.js.map +1 -1
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -283,9 +283,20 @@ Uses an **allow-only pattern** - all network access is denied by default.
|
|
|
283
283
|
|
|
284
284
|
- `network.allowedDomains` - Array of allowed domains (supports wildcards like `*.example.com`). Empty array = no network access.
|
|
285
285
|
- `network.deniedDomains` - Array of denied domains (checked first, takes precedence over allowedDomains)
|
|
286
|
-
- `network.allowUnixSockets` - Array of Unix socket paths that can be accessed (macOS only)
|
|
287
286
|
- `network.allowLocalBinding` - Allow binding to local ports (boolean, default: false)
|
|
288
287
|
|
|
288
|
+
**Unix Socket Settings** (platform-specific behavior):
|
|
289
|
+
|
|
290
|
+
| Setting | macOS | Linux |
|
|
291
|
+
|---------|-------|-------|
|
|
292
|
+
| `allowUnixSockets: string[]` | Allowlist of socket paths | *Ignored* (seccomp can't filter by path) |
|
|
293
|
+
| `allowAllUnixSockets: boolean` | Allow all sockets | Disable seccomp blocking |
|
|
294
|
+
|
|
295
|
+
Unix sockets are **blocked by default** on both platforms.
|
|
296
|
+
|
|
297
|
+
- **macOS**: Use `allowUnixSockets` to allow specific paths (e.g., `["/var/run/docker.sock"]`), or `allowAllUnixSockets: true` to allow all.
|
|
298
|
+
- **Linux**: Blocking uses seccomp filters (x64/arm64 only). If seccomp isn't available, sockets are unrestricted and a warning is shown. Use `allowAllUnixSockets: true` to explicitly disable blocking.
|
|
299
|
+
|
|
289
300
|
#### Filesystem Configuration
|
|
290
301
|
|
|
291
302
|
Uses two different patterns:
|
package/dist/cli.js
CHANGED
|
@@ -1,49 +1,13 @@
|
|
|
1
1
|
#!/usr/bin/env node
|
|
2
2
|
import { Command } from 'commander';
|
|
3
3
|
import { SandboxManager } from './index.js';
|
|
4
|
-
import { SandboxRuntimeConfigSchema, } from './sandbox/sandbox-config.js';
|
|
5
4
|
import { spawn } from 'child_process';
|
|
6
5
|
import { logForDebugging } from './utils/debug.js';
|
|
6
|
+
import { loadConfig, loadConfigFromString } from './utils/config-loader.js';
|
|
7
|
+
import * as readline from 'readline';
|
|
7
8
|
import * as fs from 'fs';
|
|
8
9
|
import * as path from 'path';
|
|
9
10
|
import * as os from 'os';
|
|
10
|
-
/**
|
|
11
|
-
* Load and validate sandbox configuration from a file
|
|
12
|
-
*/
|
|
13
|
-
function loadConfig(filePath) {
|
|
14
|
-
try {
|
|
15
|
-
if (!fs.existsSync(filePath)) {
|
|
16
|
-
return null;
|
|
17
|
-
}
|
|
18
|
-
const content = fs.readFileSync(filePath, 'utf-8');
|
|
19
|
-
if (content.trim() === '') {
|
|
20
|
-
return null;
|
|
21
|
-
}
|
|
22
|
-
// Parse JSON
|
|
23
|
-
const parsed = JSON.parse(content);
|
|
24
|
-
// Validate with zod schema
|
|
25
|
-
const result = SandboxRuntimeConfigSchema.safeParse(parsed);
|
|
26
|
-
if (!result.success) {
|
|
27
|
-
console.error(`Invalid configuration in ${filePath}:`);
|
|
28
|
-
result.error.issues.forEach(issue => {
|
|
29
|
-
const path = issue.path.join('.');
|
|
30
|
-
console.error(` - ${path}: ${issue.message}`);
|
|
31
|
-
});
|
|
32
|
-
return null;
|
|
33
|
-
}
|
|
34
|
-
return result.data;
|
|
35
|
-
}
|
|
36
|
-
catch (error) {
|
|
37
|
-
// Log parse errors to help users debug invalid config files
|
|
38
|
-
if (error instanceof SyntaxError) {
|
|
39
|
-
console.error(`Invalid JSON in config file ${filePath}: ${error.message}`);
|
|
40
|
-
}
|
|
41
|
-
else {
|
|
42
|
-
console.error(`Failed to load config from ${filePath}: ${error}`);
|
|
43
|
-
}
|
|
44
|
-
return null;
|
|
45
|
-
}
|
|
46
|
-
}
|
|
47
11
|
/**
|
|
48
12
|
* Get default config path
|
|
49
13
|
*/
|
|
@@ -78,6 +42,7 @@ async function main() {
|
|
|
78
42
|
.option('-d, --debug', 'enable debug logging')
|
|
79
43
|
.option('-s, --settings <path>', 'path to config file (default: ~/.srt-settings.json)')
|
|
80
44
|
.option('-c <command>', 'run command string directly (like sh -c), no escaping applied')
|
|
45
|
+
.option('--control-fd <fd>', 'read config updates from file descriptor (JSON lines protocol)', parseInt)
|
|
81
46
|
.allowUnknownOption()
|
|
82
47
|
.action(async (commandArgs, options) => {
|
|
83
48
|
try {
|
|
@@ -95,6 +60,41 @@ async function main() {
|
|
|
95
60
|
// Initialize sandbox with config
|
|
96
61
|
logForDebugging('Initializing sandbox...');
|
|
97
62
|
await SandboxManager.initialize(runtimeConfig);
|
|
63
|
+
// Set up control fd for dynamic config updates if specified
|
|
64
|
+
let controlReader = null;
|
|
65
|
+
if (options.controlFd !== undefined) {
|
|
66
|
+
try {
|
|
67
|
+
const controlStream = fs.createReadStream('', {
|
|
68
|
+
fd: options.controlFd,
|
|
69
|
+
});
|
|
70
|
+
controlReader = readline.createInterface({
|
|
71
|
+
input: controlStream,
|
|
72
|
+
crlfDelay: Infinity,
|
|
73
|
+
});
|
|
74
|
+
controlReader.on('line', line => {
|
|
75
|
+
const newConfig = loadConfigFromString(line);
|
|
76
|
+
if (newConfig) {
|
|
77
|
+
logForDebugging(`Config updated from control fd: ${JSON.stringify(newConfig)}`);
|
|
78
|
+
SandboxManager.updateConfig(newConfig);
|
|
79
|
+
}
|
|
80
|
+
else if (line.trim()) {
|
|
81
|
+
// Only log non-empty lines that failed to parse
|
|
82
|
+
logForDebugging(`Invalid config on control fd (ignored): ${line}`);
|
|
83
|
+
}
|
|
84
|
+
});
|
|
85
|
+
controlReader.on('error', err => {
|
|
86
|
+
logForDebugging(`Control fd error: ${err.message}`);
|
|
87
|
+
});
|
|
88
|
+
logForDebugging(`Listening for config updates on fd ${options.controlFd}`);
|
|
89
|
+
}
|
|
90
|
+
catch (err) {
|
|
91
|
+
logForDebugging(`Failed to open control fd ${options.controlFd}: ${err instanceof Error ? err.message : String(err)}`);
|
|
92
|
+
}
|
|
93
|
+
}
|
|
94
|
+
// Cleanup control reader on exit
|
|
95
|
+
process.on('exit', () => {
|
|
96
|
+
controlReader?.close();
|
|
97
|
+
});
|
|
98
98
|
// Determine command string based on mode
|
|
99
99
|
let command;
|
|
100
100
|
if (options.c) {
|
package/dist/cli.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cli.js","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":";AACA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAA;AACnC,OAAO,EAAE,cAAc,EAAE,MAAM,YAAY,CAAA;
|
|
1
|
+
{"version":3,"file":"cli.js","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":";AACA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAA;AACnC,OAAO,EAAE,cAAc,EAAE,MAAM,YAAY,CAAA;AAE3C,OAAO,EAAE,KAAK,EAAE,MAAM,eAAe,CAAA;AACrC,OAAO,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAA;AAClD,OAAO,EAAE,UAAU,EAAE,oBAAoB,EAAE,MAAM,0BAA0B,CAAA;AAC3E,OAAO,KAAK,QAAQ,MAAM,UAAU,CAAA;AACpC,OAAO,KAAK,EAAE,MAAM,IAAI,CAAA;AACxB,OAAO,KAAK,IAAI,MAAM,MAAM,CAAA;AAC5B,OAAO,KAAK,EAAE,MAAM,IAAI,CAAA;AAExB;;GAEG;AACH,SAAS,oBAAoB;IAC3B,OAAO,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,oBAAoB,CAAC,CAAA;AACtD,CAAC;AAED;;GAEG;AACH,SAAS,gBAAgB;IACvB,OAAO;QACL,OAAO,EAAE;YACP,cAAc,EAAE,EAAE;YAClB,aAAa,EAAE,EAAE;SAClB;QACD,UAAU,EAAE;YACV,QAAQ,EAAE,EAAE;YACZ,UAAU,EAAE,EAAE;YACd,SAAS,EAAE,EAAE;SACd;KACF,CAAA;AACH,CAAC;AAED,KAAK,UAAU,IAAI;IACjB,MAAM,OAAO,GAAG,IAAI,OAAO,EAAE,CAAA;IAE7B,OAAO;SACJ,IAAI,CAAC,KAAK,CAAC;SACX,WAAW,CACV,oEAAoE,CACrE;SACA,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,mBAAmB,IAAI,OAAO,CAAC,CAAA;IAEtD,2CAA2C;IAC3C,OAAO;SACJ,QAAQ,CAAC,cAAc,EAAE,+BAA+B,CAAC;SACzD,MAAM,CAAC,aAAa,EAAE,sBAAsB,CAAC;SAC7C,MAAM,CACL,uBAAuB,EACvB,qDAAqD,CACtD;SACA,MAAM,CACL,cAAc,EACd,+DAA+D,CAChE;SACA,MAAM,CACL,mBAAmB,EACnB,gEAAgE,EAChE,QAAQ,CACT;SACA,kBAAkB,EAAE;SACpB,MAAM,CACL,KAAK,EACH,WAAqB,EACrB,OAKC,EACD,EAAE;QACF,IAAI,CAAC;YACH,oCAAoC;YACpC,IAAI,OAAO,CAAC,KAAK,EAAE,CAAC;gBAClB,OAAO,CAAC,GAAG,CAAC,KAAK,GAAG,MAAM,CAAA;YAC5B,CAAC;YAED,wBAAwB;YACxB,MAAM,UAAU,GAAG,OAAO,CAAC,QAAQ,IAAI,oBAAoB,EAAE,CAAA;YAC7D,IAAI,aAAa,GAAG,UAAU,CAAC,UAAU,CAAC,CAAA;YAE1C,IAAI,CAAC,aAAa,EAAE,CAAC;gBACnB,eAAe,CACb,sBAAsB,UAAU,wBAAwB,CACzD,CAAA;gBACD,aAAa,GAAG,gBAAgB,EAAE,CAAA;YACpC,CAAC;YAED,iCAAiC;YACjC,eAAe,CAAC,yBAAyB,CAAC,CAAA;YAC1C,MAAM,cAAc,CAAC,UAAU,CAAC,aAAa,CAAC,CAAA;YAE9C,4DAA4D;YAC5D,IAAI,aAAa,GAA8B,IAAI,CAAA;YACnD,IAAI,OAAO,CAAC,SAAS,KAAK,SAAS,EAAE,CAAC;gBACpC,IAAI,CAAC;oBACH,MAAM,aAAa,GAAG,EAAE,CAAC,gBAAgB,CAAC,EAAE,EAAE;wBAC5C,EAAE,EAAE,OAAO,CAAC,SAAS;qBACtB,CAAC,CAAA;oBACF,aAAa,GAAG,QAAQ,CAAC,eAAe,CAAC;wBACvC,KAAK,EAAE,aAAa;wBACpB,SAAS,EAAE,QAAQ;qBACpB,CAAC,CAAA;oBAEF,aAAa,CAAC,EAAE,CAAC,MAAM,EAAE,IAAI,CAAC,EAAE;wBAC9B,MAAM,SAAS,GAAG,oBAAoB,CAAC,IAAI,CAAC,CAAA;wBAC5C,IAAI,SAAS,EAAE,CAAC;4BACd,eAAe,CACb,mCAAmC,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC,EAAE,CAC/D,CAAA;4BACD,cAAc,CAAC,YAAY,CAAC,SAAS,CAAC,CAAA;wBACxC,CAAC;6BAAM,IAAI,IAAI,CAAC,IAAI,EAAE,EAAE,CAAC;4BACvB,gDAAgD;4BAChD,eAAe,CACb,2CAA2C,IAAI,EAAE,CAClD,CAAA;wBACH,CAAC;oBACH,CAAC,CAAC,CAAA;oBAEF,aAAa,CAAC,EAAE,CAAC,OAAO,EAAE,GAAG,CAAC,EAAE;wBAC9B,eAAe,CAAC,qBAAqB,GAAG,CAAC,OAAO,EAAE,CAAC,CAAA;oBACrD,CAAC,CAAC,CAAA;oBAEF,eAAe,CACb,sCAAsC,OAAO,CAAC,SAAS,EAAE,CAC1D,CAAA;gBACH,CAAC;gBAAC,OAAO,GAAG,EAAE,CAAC;oBACb,eAAe,CACb,6BAA6B,OAAO,CAAC,SAAS,KAAK,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CACtG,CAAA;gBACH,CAAC;YACH,CAAC;YAED,iCAAiC;YACjC,OAAO,CAAC,EAAE,CAAC,MAAM,EAAE,GAAG,EAAE;gBACtB,aAAa,EAAE,KAAK,EAAE,CAAA;YACxB,CAAC,CAAC,CAAA;YAEF,yCAAyC;YACzC,IAAI,OAAe,CAAA;YACnB,IAAI,OAAO,CAAC,CAAC,EAAE,CAAC;gBACd,oDAAoD;gBACpD,OAAO,GAAG,OAAO,CAAC,CAAC,CAAA;gBACnB,eAAe,CAAC,6BAA6B,OAAO,EAAE,CAAC,CAAA;YACzD,CAAC;iBAAM,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAClC,4BAA4B;gBAC5B,OAAO,GAAG,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;gBAC/B,eAAe,CAAC,qBAAqB,OAAO,EAAE,CAAC,CAAA;YACjD,CAAC;iBAAM,CAAC;gBACN,OAAO,CAAC,KAAK,CACX,6EAA6E,CAC9E,CAAA;gBACD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;YACjB,CAAC;YAED,eAAe,CACb,IAAI,CAAC,SAAS,CACZ,cAAc,CAAC,2BAA2B,EAAE,EAC5C,IAAI,EACJ,CAAC,CACF,CACF,CAAA;YAED,6CAA6C;YAC7C,MAAM,gBAAgB,GAAG,MAAM,cAAc,CAAC,eAAe,CAAC,OAAO,CAAC,CAAA;YAEtE,gCAAgC;YAChC,MAAM,KAAK,GAAG,KAAK,CAAC,gBAAgB,EAAE;gBACpC,KAAK,EAAE,IAAI;gBACX,KAAK,EAAE,SAAS;aACjB,CAAC,CAAA;YAEF,sBAAsB;YACtB,KAAK,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,MAAM,EAAE,EAAE;gBAChC,IAAI,MAAM,EAAE,CAAC;oBACX,IAAI,MAAM,KAAK,QAAQ,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;wBAChD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;oBACjB,CAAC;yBAAM,CAAC;wBACN,OAAO,CAAC,KAAK,CAAC,6BAA6B,MAAM,EAAE,CAAC,CAAA;wBACpD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;oBACjB,CAAC;gBACH,CAAC;gBACD,OAAO,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,CAAC,CAAA;YACzB,CAAC,CAAC,CAAA;YAEF,KAAK,CAAC,EAAE,CAAC,OAAO,EAAE,KAAK,CAAC,EAAE;gBACxB,OAAO,CAAC,KAAK,CAAC,8BAA8B,KAAK,CAAC,OAAO,EAAE,CAAC,CAAA;gBAC5D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;YACjB,CAAC,CAAC,CAAA;YAEF,8BAA8B;YAC9B,OAAO,CAAC,EAAE,CAAC,QAAQ,EAAE,GAAG,EAAE;gBACxB,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAA;YACtB,CAAC,CAAC,CAAA;YAEF,OAAO,CAAC,EAAE,CAAC,SAAS,EAAE,GAAG,EAAE;gBACzB,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,CAAA;YACvB,CAAC,CAAC,CAAA;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,KAAK,CACX,UAAU,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CACnE,CAAA;YACD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;QACjB,CAAC;IACH,CAAC,CACF,CAAA;IAEH,OAAO,CAAC,KAAK,EAAE,CAAA;AACjB,CAAC;AAED,IAAI,EAAE,CAAC,KAAK,CAAC,KAAK,CAAC,EAAE;IACnB,OAAO,CAAC,KAAK,CAAC,cAAc,EAAE,KAAK,CAAC,CAAA;IACpC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;AACjB,CAAC,CAAC,CAAA"}
|
package/dist/index.d.ts
CHANGED
|
@@ -4,5 +4,8 @@ export type { SandboxRuntimeConfig, NetworkConfig, FilesystemConfig, IgnoreViola
|
|
|
4
4
|
export { SandboxRuntimeConfigSchema, NetworkConfigSchema, FilesystemConfigSchema, IgnoreViolationsConfigSchema, RipgrepConfigSchema, } from './sandbox/sandbox-config.js';
|
|
5
5
|
export type { SandboxAskCallback, FsReadRestrictionConfig, FsWriteRestrictionConfig, NetworkRestrictionConfig, NetworkHostPattern, } from './sandbox/sandbox-schemas.js';
|
|
6
6
|
export type { SandboxViolationEvent } from './sandbox/macos-sandbox-utils.js';
|
|
7
|
+
export { type SandboxDependencyCheck } from './sandbox/linux-sandbox-utils.js';
|
|
7
8
|
export { getDefaultWritePaths } from './sandbox/sandbox-utils.js';
|
|
9
|
+
export { getWslVersion } from './utils/platform.js';
|
|
10
|
+
export type { Platform } from './utils/platform.js';
|
|
8
11
|
//# sourceMappingURL=index.d.ts.map
|
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAE,MAAM,8BAA8B,CAAA;AAC7D,OAAO,EAAE,qBAAqB,EAAE,MAAM,sCAAsC,CAAA;AAG5E,YAAY,EACV,oBAAoB,EACpB,aAAa,EACb,gBAAgB,EAChB,sBAAsB,GACvB,MAAM,6BAA6B,CAAA;AAEpC,OAAO,EACL,0BAA0B,EAC1B,mBAAmB,EACnB,sBAAsB,EACtB,4BAA4B,EAC5B,mBAAmB,GACpB,MAAM,6BAA6B,CAAA;AAGpC,YAAY,EACV,kBAAkB,EAClB,uBAAuB,EACvB,wBAAwB,EACxB,wBAAwB,EACxB,kBAAkB,GACnB,MAAM,8BAA8B,CAAA;AAGrC,YAAY,EAAE,qBAAqB,EAAE,MAAM,kCAAkC,CAAA;
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAE,MAAM,8BAA8B,CAAA;AAC7D,OAAO,EAAE,qBAAqB,EAAE,MAAM,sCAAsC,CAAA;AAG5E,YAAY,EACV,oBAAoB,EACpB,aAAa,EACb,gBAAgB,EAChB,sBAAsB,GACvB,MAAM,6BAA6B,CAAA;AAEpC,OAAO,EACL,0BAA0B,EAC1B,mBAAmB,EACnB,sBAAsB,EACtB,4BAA4B,EAC5B,mBAAmB,GACpB,MAAM,6BAA6B,CAAA;AAGpC,YAAY,EACV,kBAAkB,EAClB,uBAAuB,EACvB,wBAAwB,EACxB,wBAAwB,EACxB,kBAAkB,GACnB,MAAM,8BAA8B,CAAA;AAGrC,YAAY,EAAE,qBAAqB,EAAE,MAAM,kCAAkC,CAAA;AAC7E,OAAO,EAAE,KAAK,sBAAsB,EAAE,MAAM,kCAAkC,CAAA;AAG9E,OAAO,EAAE,oBAAoB,EAAE,MAAM,4BAA4B,CAAA;AAGjE,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAA;AACnD,YAAY,EAAE,QAAQ,EAAE,MAAM,qBAAqB,CAAA"}
|
package/dist/index.js
CHANGED
|
@@ -4,4 +4,6 @@ export { SandboxViolationStore } from './sandbox/sandbox-violation-store.js';
|
|
|
4
4
|
export { SandboxRuntimeConfigSchema, NetworkConfigSchema, FilesystemConfigSchema, IgnoreViolationsConfigSchema, RipgrepConfigSchema, } from './sandbox/sandbox-config.js';
|
|
5
5
|
// Utility functions
|
|
6
6
|
export { getDefaultWritePaths } from './sandbox/sandbox-utils.js';
|
|
7
|
+
// Platform utilities
|
|
8
|
+
export { getWslVersion } from './utils/platform.js';
|
|
7
9
|
//# sourceMappingURL=index.js.map
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,kBAAkB;AAClB,OAAO,EAAE,cAAc,EAAE,MAAM,8BAA8B,CAAA;AAC7D,OAAO,EAAE,qBAAqB,EAAE,MAAM,sCAAsC,CAAA;AAU5E,OAAO,EACL,0BAA0B,EAC1B,mBAAmB,EACnB,sBAAsB,EACtB,4BAA4B,EAC5B,mBAAmB,GACpB,MAAM,6BAA6B,CAAA;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,kBAAkB;AAClB,OAAO,EAAE,cAAc,EAAE,MAAM,8BAA8B,CAAA;AAC7D,OAAO,EAAE,qBAAqB,EAAE,MAAM,sCAAsC,CAAA;AAU5E,OAAO,EACL,0BAA0B,EAC1B,mBAAmB,EACnB,sBAAsB,EACtB,4BAA4B,EAC5B,mBAAmB,GACpB,MAAM,6BAA6B,CAAA;AAepC,oBAAoB;AACpB,OAAO,EAAE,oBAAoB,EAAE,MAAM,4BAA4B,CAAA;AAEjE,qBAAqB;AACrB,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAA"}
|
|
@@ -6,14 +6,17 @@
|
|
|
6
6
|
* - vendor/seccomp/{x64,arm64}/unix-block.bpf
|
|
7
7
|
*
|
|
8
8
|
* Tries multiple paths for resilience:
|
|
9
|
-
* 0.
|
|
9
|
+
* 0. Explicit path provided via parameter (checked first if provided)
|
|
10
10
|
* 1. vendor/seccomp/{arch}/unix-block.bpf (bundled - when bundled into consuming packages)
|
|
11
11
|
* 2. ../../vendor/seccomp/{arch}/unix-block.bpf (package root - standard npm installs)
|
|
12
12
|
* 3. ../vendor/seccomp/{arch}/unix-block.bpf (dist/vendor - for bundlers)
|
|
13
|
+
* 4. Global npm install (if seccompBinaryPath not provided) - for native builds
|
|
13
14
|
*
|
|
14
|
-
* @param
|
|
15
|
+
* @param seccompBinaryPath - Optional explicit path to the BPF filter file. If provided and
|
|
16
|
+
* exists, it will be used. If not provided, falls back to searching local paths and then
|
|
17
|
+
* global npm install (for native builds where vendor directory isn't bundled).
|
|
15
18
|
*/
|
|
16
|
-
export declare function getPreGeneratedBpfPath(
|
|
19
|
+
export declare function getPreGeneratedBpfPath(seccompBinaryPath?: string): string | null;
|
|
17
20
|
/**
|
|
18
21
|
* Get the path to the apply-seccomp binary from the vendor directory
|
|
19
22
|
* Returns the path if it exists, null otherwise
|
|
@@ -22,14 +25,17 @@ export declare function getPreGeneratedBpfPath(expectedPath?: string): string |
|
|
|
22
25
|
* - vendor/seccomp/{x64,arm64}/apply-seccomp
|
|
23
26
|
*
|
|
24
27
|
* Tries multiple paths for resilience:
|
|
25
|
-
* 0.
|
|
28
|
+
* 0. Explicit path provided via parameter (checked first if provided)
|
|
26
29
|
* 1. vendor/seccomp/{arch}/apply-seccomp (bundled - when bundled into consuming packages)
|
|
27
30
|
* 2. ../../vendor/seccomp/{arch}/apply-seccomp (package root - standard npm installs)
|
|
28
31
|
* 3. ../vendor/seccomp/{arch}/apply-seccomp (dist/vendor - for bundlers)
|
|
32
|
+
* 4. Global npm install (if seccompBinaryPath not provided) - for native builds
|
|
29
33
|
*
|
|
30
|
-
* @param
|
|
34
|
+
* @param seccompBinaryPath - Optional explicit path to the apply-seccomp binary. If provided
|
|
35
|
+
* and exists, it will be used. If not provided, falls back to searching local paths and
|
|
36
|
+
* then global npm install (for native builds where vendor directory isn't bundled).
|
|
31
37
|
*/
|
|
32
|
-
export declare function getApplySeccompBinaryPath(
|
|
38
|
+
export declare function getApplySeccompBinaryPath(seccompBinaryPath?: string): string | null;
|
|
33
39
|
/**
|
|
34
40
|
* Get the path to a pre-generated seccomp BPF filter that blocks Unix domain socket creation
|
|
35
41
|
* Returns the path to the BPF filter file, or null if not available
|
|
@@ -51,10 +57,10 @@ export declare function getApplySeccompBinaryPath(expectedPath?: string): string
|
|
|
51
57
|
* - Pre-generated BPF filters included for x64 and ARM64 only
|
|
52
58
|
* - Other architectures are not supported
|
|
53
59
|
*
|
|
54
|
-
* @param
|
|
60
|
+
* @param seccompBinaryPath - Optional explicit path to the BPF filter file
|
|
55
61
|
* @returns Path to the pre-generated BPF filter file, or null if not available
|
|
56
62
|
*/
|
|
57
|
-
export declare function generateSeccompFilter(
|
|
63
|
+
export declare function generateSeccompFilter(seccompBinaryPath?: string): string | null;
|
|
58
64
|
/**
|
|
59
65
|
* Clean up a seccomp filter file
|
|
60
66
|
* Since we only use pre-generated BPF files from vendor/, this is a no-op.
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"generate-seccomp-filter.d.ts","sourceRoot":"","sources":["../../src/sandbox/generate-seccomp-filter.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"generate-seccomp-filter.d.ts","sourceRoot":"","sources":["../../src/sandbox/generate-seccomp-filter.ts"],"names":[],"mappings":"AAwIA;;;;;;;;;;;;;;;;;GAiBG;AACH,wBAAgB,sBAAsB,CACpC,iBAAiB,CAAC,EAAE,MAAM,GACzB,MAAM,GAAG,IAAI,CASf;AA6DD;;;;;;;;;;;;;;;;;GAiBG;AACH,wBAAgB,yBAAyB,CACvC,iBAAiB,CAAC,EAAE,MAAM,GACzB,MAAM,GAAG,IAAI,CASf;AA6DD;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AACH,wBAAgB,qBAAqB,CACnC,iBAAiB,CAAC,EAAE,MAAM,GACzB,MAAM,GAAG,IAAI,CAaf;AAED;;;;;GAKG;AACH,wBAAgB,oBAAoB,CAAC,WAAW,EAAE,MAAM,GAAG,IAAI,CAE9D"}
|
|
@@ -1,7 +1,43 @@
|
|
|
1
1
|
import { join, dirname } from 'node:path';
|
|
2
2
|
import { fileURLToPath } from 'node:url';
|
|
3
3
|
import * as fs from 'node:fs';
|
|
4
|
+
import { execSync } from 'node:child_process';
|
|
5
|
+
import { homedir } from 'node:os';
|
|
4
6
|
import { logForDebugging } from '../utils/debug.js';
|
|
7
|
+
// Cache for path lookups (key: explicit path or empty string, value: resolved path or null)
|
|
8
|
+
const bpfPathCache = new Map();
|
|
9
|
+
const applySeccompPathCache = new Map();
|
|
10
|
+
/**
|
|
11
|
+
* Get paths to check for globally installed @anthropic-ai/sandbox-runtime package.
|
|
12
|
+
* This is used as a fallback when the binaries aren't bundled (e.g., native builds).
|
|
13
|
+
*/
|
|
14
|
+
function getGlobalNpmPaths() {
|
|
15
|
+
const paths = [];
|
|
16
|
+
// Try to get the actual global npm root
|
|
17
|
+
try {
|
|
18
|
+
const npmRoot = execSync('npm root -g', {
|
|
19
|
+
encoding: 'utf8',
|
|
20
|
+
timeout: 5000,
|
|
21
|
+
stdio: ['pipe', 'pipe', 'ignore'],
|
|
22
|
+
}).trim();
|
|
23
|
+
if (npmRoot) {
|
|
24
|
+
paths.push(join(npmRoot, '@anthropic-ai', 'sandbox-runtime'));
|
|
25
|
+
}
|
|
26
|
+
}
|
|
27
|
+
catch {
|
|
28
|
+
// npm not available or failed
|
|
29
|
+
}
|
|
30
|
+
// Common global npm locations as fallbacks
|
|
31
|
+
const home = homedir();
|
|
32
|
+
paths.push(
|
|
33
|
+
// npm global (Linux/macOS)
|
|
34
|
+
join('/usr', 'lib', 'node_modules', '@anthropic-ai', 'sandbox-runtime'), join('/usr', 'local', 'lib', 'node_modules', '@anthropic-ai', 'sandbox-runtime'),
|
|
35
|
+
// npm global with prefix (common on macOS with homebrew)
|
|
36
|
+
join('/opt', 'homebrew', 'lib', 'node_modules', '@anthropic-ai', 'sandbox-runtime'),
|
|
37
|
+
// User-local npm global
|
|
38
|
+
join(home, '.npm', 'lib', 'node_modules', '@anthropic-ai', 'sandbox-runtime'), join(home, '.npm-global', 'lib', 'node_modules', '@anthropic-ai', 'sandbox-runtime'));
|
|
39
|
+
return paths;
|
|
40
|
+
}
|
|
5
41
|
/**
|
|
6
42
|
* Map Node.js process.arch to our vendor directory architecture names
|
|
7
43
|
* Returns null for unsupported architectures
|
|
@@ -39,6 +75,21 @@ function getVendorArchitecture() {
|
|
|
39
75
|
return null;
|
|
40
76
|
}
|
|
41
77
|
}
|
|
78
|
+
/**
|
|
79
|
+
* Get local paths to check for seccomp files (bundled or package installs).
|
|
80
|
+
*/
|
|
81
|
+
function getLocalSeccompPaths(filename) {
|
|
82
|
+
const arch = getVendorArchitecture();
|
|
83
|
+
if (!arch)
|
|
84
|
+
return [];
|
|
85
|
+
const baseDir = dirname(fileURLToPath(import.meta.url));
|
|
86
|
+
const relativePath = join('vendor', 'seccomp', arch, filename);
|
|
87
|
+
return [
|
|
88
|
+
join(baseDir, relativePath), // bundled: same directory as bundle (e.g., when bundled into claude-cli)
|
|
89
|
+
join(baseDir, '..', '..', relativePath), // package root: vendor/seccomp/...
|
|
90
|
+
join(baseDir, '..', relativePath), // dist: dist/vendor/seccomp/...
|
|
91
|
+
];
|
|
92
|
+
}
|
|
42
93
|
/**
|
|
43
94
|
* Get the path to a pre-generated BPF filter file from the vendor directory
|
|
44
95
|
* Returns the path if it exists, null otherwise
|
|
@@ -47,45 +98,57 @@ function getVendorArchitecture() {
|
|
|
47
98
|
* - vendor/seccomp/{x64,arm64}/unix-block.bpf
|
|
48
99
|
*
|
|
49
100
|
* Tries multiple paths for resilience:
|
|
50
|
-
* 0.
|
|
101
|
+
* 0. Explicit path provided via parameter (checked first if provided)
|
|
51
102
|
* 1. vendor/seccomp/{arch}/unix-block.bpf (bundled - when bundled into consuming packages)
|
|
52
103
|
* 2. ../../vendor/seccomp/{arch}/unix-block.bpf (package root - standard npm installs)
|
|
53
104
|
* 3. ../vendor/seccomp/{arch}/unix-block.bpf (dist/vendor - for bundlers)
|
|
105
|
+
* 4. Global npm install (if seccompBinaryPath not provided) - for native builds
|
|
54
106
|
*
|
|
55
|
-
* @param
|
|
107
|
+
* @param seccompBinaryPath - Optional explicit path to the BPF filter file. If provided and
|
|
108
|
+
* exists, it will be used. If not provided, falls back to searching local paths and then
|
|
109
|
+
* global npm install (for native builds where vendor directory isn't bundled).
|
|
56
110
|
*/
|
|
57
|
-
export function getPreGeneratedBpfPath(
|
|
58
|
-
|
|
59
|
-
if (
|
|
60
|
-
|
|
61
|
-
|
|
62
|
-
|
|
111
|
+
export function getPreGeneratedBpfPath(seccompBinaryPath) {
|
|
112
|
+
const cacheKey = seccompBinaryPath ?? '';
|
|
113
|
+
if (bpfPathCache.has(cacheKey)) {
|
|
114
|
+
return bpfPathCache.get(cacheKey);
|
|
115
|
+
}
|
|
116
|
+
const result = findBpfPath(seccompBinaryPath);
|
|
117
|
+
bpfPathCache.set(cacheKey, result);
|
|
118
|
+
return result;
|
|
119
|
+
}
|
|
120
|
+
// NOTE: This is a slow operation (synchronous fs lookups + execSync). Ensure calls
|
|
121
|
+
// are memoized at the top level rather than invoked repeatedly.
|
|
122
|
+
function findBpfPath(seccompBinaryPath) {
|
|
123
|
+
// Check explicit path first (highest priority)
|
|
124
|
+
if (seccompBinaryPath) {
|
|
125
|
+
if (fs.existsSync(seccompBinaryPath)) {
|
|
126
|
+
logForDebugging(`[SeccompFilter] Using BPF filter from explicit path: ${seccompBinaryPath}`);
|
|
127
|
+
return seccompBinaryPath;
|
|
63
128
|
}
|
|
64
|
-
logForDebugging(`[SeccompFilter]
|
|
129
|
+
logForDebugging(`[SeccompFilter] Explicit path provided but file not found: ${seccompBinaryPath}`);
|
|
65
130
|
}
|
|
66
|
-
// Determine architecture
|
|
67
131
|
const arch = getVendorArchitecture();
|
|
68
132
|
if (!arch) {
|
|
69
133
|
logForDebugging(`[SeccompFilter] Cannot find pre-generated BPF filter: unsupported architecture ${process.arch}`);
|
|
70
134
|
return null;
|
|
71
135
|
}
|
|
72
136
|
logForDebugging(`[SeccompFilter] Detected architecture: ${arch}`);
|
|
73
|
-
//
|
|
74
|
-
|
|
75
|
-
const baseDir = dirname(fileURLToPath(import.meta.url));
|
|
76
|
-
const relativePath = join('vendor', 'seccomp', arch, 'unix-block.bpf');
|
|
77
|
-
// Try paths in order of preference
|
|
78
|
-
const pathsToTry = [
|
|
79
|
-
join(baseDir, relativePath), // bundled: same directory as bundle (e.g., when bundled into claude-cli)
|
|
80
|
-
join(baseDir, '..', '..', relativePath), // package root: vendor/seccomp/...
|
|
81
|
-
join(baseDir, '..', relativePath), // dist: dist/vendor/seccomp/...
|
|
82
|
-
];
|
|
83
|
-
for (const bpfPath of pathsToTry) {
|
|
137
|
+
// Check local paths first (bundled or package install)
|
|
138
|
+
for (const bpfPath of getLocalSeccompPaths('unix-block.bpf')) {
|
|
84
139
|
if (fs.existsSync(bpfPath)) {
|
|
85
140
|
logForDebugging(`[SeccompFilter] Found pre-generated BPF filter: ${bpfPath} (${arch})`);
|
|
86
141
|
return bpfPath;
|
|
87
142
|
}
|
|
88
143
|
}
|
|
144
|
+
// Fallback: check global npm install (for native builds without bundled vendor)
|
|
145
|
+
for (const globalBase of getGlobalNpmPaths()) {
|
|
146
|
+
const bpfPath = join(globalBase, 'vendor', 'seccomp', arch, 'unix-block.bpf');
|
|
147
|
+
if (fs.existsSync(bpfPath)) {
|
|
148
|
+
logForDebugging(`[SeccompFilter] Found pre-generated BPF filter in global install: ${bpfPath} (${arch})`);
|
|
149
|
+
return bpfPath;
|
|
150
|
+
}
|
|
151
|
+
}
|
|
89
152
|
logForDebugging(`[SeccompFilter] Pre-generated BPF filter not found in any expected location (${arch})`);
|
|
90
153
|
return null;
|
|
91
154
|
}
|
|
@@ -97,45 +160,55 @@ export function getPreGeneratedBpfPath(expectedPath) {
|
|
|
97
160
|
* - vendor/seccomp/{x64,arm64}/apply-seccomp
|
|
98
161
|
*
|
|
99
162
|
* Tries multiple paths for resilience:
|
|
100
|
-
* 0.
|
|
163
|
+
* 0. Explicit path provided via parameter (checked first if provided)
|
|
101
164
|
* 1. vendor/seccomp/{arch}/apply-seccomp (bundled - when bundled into consuming packages)
|
|
102
165
|
* 2. ../../vendor/seccomp/{arch}/apply-seccomp (package root - standard npm installs)
|
|
103
166
|
* 3. ../vendor/seccomp/{arch}/apply-seccomp (dist/vendor - for bundlers)
|
|
167
|
+
* 4. Global npm install (if seccompBinaryPath not provided) - for native builds
|
|
104
168
|
*
|
|
105
|
-
* @param
|
|
169
|
+
* @param seccompBinaryPath - Optional explicit path to the apply-seccomp binary. If provided
|
|
170
|
+
* and exists, it will be used. If not provided, falls back to searching local paths and
|
|
171
|
+
* then global npm install (for native builds where vendor directory isn't bundled).
|
|
106
172
|
*/
|
|
107
|
-
export function getApplySeccompBinaryPath(
|
|
108
|
-
|
|
109
|
-
if (
|
|
110
|
-
|
|
111
|
-
|
|
112
|
-
|
|
173
|
+
export function getApplySeccompBinaryPath(seccompBinaryPath) {
|
|
174
|
+
const cacheKey = seccompBinaryPath ?? '';
|
|
175
|
+
if (applySeccompPathCache.has(cacheKey)) {
|
|
176
|
+
return applySeccompPathCache.get(cacheKey);
|
|
177
|
+
}
|
|
178
|
+
const result = findApplySeccompPath(seccompBinaryPath);
|
|
179
|
+
applySeccompPathCache.set(cacheKey, result);
|
|
180
|
+
return result;
|
|
181
|
+
}
|
|
182
|
+
function findApplySeccompPath(seccompBinaryPath) {
|
|
183
|
+
// Check explicit path first (highest priority)
|
|
184
|
+
if (seccompBinaryPath) {
|
|
185
|
+
if (fs.existsSync(seccompBinaryPath)) {
|
|
186
|
+
logForDebugging(`[SeccompFilter] Using apply-seccomp binary from explicit path: ${seccompBinaryPath}`);
|
|
187
|
+
return seccompBinaryPath;
|
|
113
188
|
}
|
|
114
|
-
logForDebugging(`[SeccompFilter]
|
|
189
|
+
logForDebugging(`[SeccompFilter] Explicit path provided but file not found: ${seccompBinaryPath}`);
|
|
115
190
|
}
|
|
116
|
-
// Determine architecture
|
|
117
191
|
const arch = getVendorArchitecture();
|
|
118
192
|
if (!arch) {
|
|
119
193
|
logForDebugging(`[SeccompFilter] Cannot find apply-seccomp binary: unsupported architecture ${process.arch}`);
|
|
120
194
|
return null;
|
|
121
195
|
}
|
|
122
196
|
logForDebugging(`[SeccompFilter] Looking for apply-seccomp binary for architecture: ${arch}`);
|
|
123
|
-
//
|
|
124
|
-
|
|
125
|
-
const baseDir = dirname(fileURLToPath(import.meta.url));
|
|
126
|
-
const relativePath = join('vendor', 'seccomp', arch, 'apply-seccomp');
|
|
127
|
-
// Try paths in order of preference
|
|
128
|
-
const pathsToTry = [
|
|
129
|
-
join(baseDir, relativePath), // bundled: same directory as bundle (e.g., when bundled into claude-cli)
|
|
130
|
-
join(baseDir, '..', '..', relativePath), // package root: vendor/seccomp/...
|
|
131
|
-
join(baseDir, '..', relativePath), // dist: dist/vendor/seccomp/...
|
|
132
|
-
];
|
|
133
|
-
for (const binaryPath of pathsToTry) {
|
|
197
|
+
// Check local paths first (bundled or package install)
|
|
198
|
+
for (const binaryPath of getLocalSeccompPaths('apply-seccomp')) {
|
|
134
199
|
if (fs.existsSync(binaryPath)) {
|
|
135
200
|
logForDebugging(`[SeccompFilter] Found apply-seccomp binary: ${binaryPath} (${arch})`);
|
|
136
201
|
return binaryPath;
|
|
137
202
|
}
|
|
138
203
|
}
|
|
204
|
+
// Fallback: check global npm install (for native builds without bundled vendor)
|
|
205
|
+
for (const globalBase of getGlobalNpmPaths()) {
|
|
206
|
+
const binaryPath = join(globalBase, 'vendor', 'seccomp', arch, 'apply-seccomp');
|
|
207
|
+
if (fs.existsSync(binaryPath)) {
|
|
208
|
+
logForDebugging(`[SeccompFilter] Found apply-seccomp binary in global install: ${binaryPath} (${arch})`);
|
|
209
|
+
return binaryPath;
|
|
210
|
+
}
|
|
211
|
+
}
|
|
139
212
|
logForDebugging(`[SeccompFilter] apply-seccomp binary not found in any expected location (${arch})`);
|
|
140
213
|
return null;
|
|
141
214
|
}
|
|
@@ -160,11 +233,11 @@ export function getApplySeccompBinaryPath(expectedPath) {
|
|
|
160
233
|
* - Pre-generated BPF filters included for x64 and ARM64 only
|
|
161
234
|
* - Other architectures are not supported
|
|
162
235
|
*
|
|
163
|
-
* @param
|
|
236
|
+
* @param seccompBinaryPath - Optional explicit path to the BPF filter file
|
|
164
237
|
* @returns Path to the pre-generated BPF filter file, or null if not available
|
|
165
238
|
*/
|
|
166
|
-
export function generateSeccompFilter(
|
|
167
|
-
const preGeneratedBpf = getPreGeneratedBpfPath(
|
|
239
|
+
export function generateSeccompFilter(seccompBinaryPath) {
|
|
240
|
+
const preGeneratedBpf = getPreGeneratedBpfPath(seccompBinaryPath);
|
|
168
241
|
if (preGeneratedBpf) {
|
|
169
242
|
logForDebugging('[SeccompFilter] Using pre-generated BPF filter');
|
|
170
243
|
return preGeneratedBpf;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"generate-seccomp-filter.js","sourceRoot":"","sources":["../../src/sandbox/generate-seccomp-filter.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,WAAW,CAAA;AACzC,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAA;AACxC,OAAO,KAAK,EAAE,MAAM,SAAS,CAAA;AAC7B,OAAO,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAA;AAEnD;;;GAGG;AACH,SAAS,qBAAqB;IAC5B,MAAM,IAAI,GAAG,OAAO,CAAC,IAAc,CAAA;IACnC,QAAQ,IAAI,EAAE,CAAC;QACb,KAAK,KAAK,CAAC;QACX,KAAK,QAAQ;YACX,OAAO,KAAK,CAAA;QACd,KAAK,OAAO,CAAC;QACb,KAAK,SAAS;YACZ,OAAO,OAAO,CAAA;QAChB,KAAK,MAAM,CAAC;QACZ,KAAK,KAAK;YACR,0CAA0C;YAC1C,wFAAwF;YACxF,mGAAmG;YACnG,4FAA4F;YAC5F,6FAA6F;YAC7F,EAAE;YACF,8CAA8C;YAC9C,8EAA8E;YAC9E,2FAA2F;YAC3F,8CAA8C;YAC9C,kDAAkD;YAClD,mFAAmF;YACnF,EAAE;YACF,sEAAsE;YACtE,eAAe,CACb,6GAA6G;gBAC3G,0HAA0H,EAC5H,EAAE,KAAK,EAAE,OAAO,EAAE,CACnB,CAAA;YACD,OAAO,IAAI,CAAA;QACb;YACE,eAAe,CACb,6CAA6C,IAAI,qCAAqC,CACvF,CAAA;YACD,OAAO,IAAI,CAAA;IACf,CAAC;AACH,CAAC;AAED
|
|
1
|
+
{"version":3,"file":"generate-seccomp-filter.js","sourceRoot":"","sources":["../../src/sandbox/generate-seccomp-filter.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,WAAW,CAAA;AACzC,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAA;AACxC,OAAO,KAAK,EAAE,MAAM,SAAS,CAAA;AAC7B,OAAO,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAA;AAC7C,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAA;AACjC,OAAO,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAA;AAEnD,4FAA4F;AAC5F,MAAM,YAAY,GAAG,IAAI,GAAG,EAAyB,CAAA;AACrD,MAAM,qBAAqB,GAAG,IAAI,GAAG,EAAyB,CAAA;AAE9D;;;GAGG;AACH,SAAS,iBAAiB;IACxB,MAAM,KAAK,GAAa,EAAE,CAAA;IAE1B,wCAAwC;IACxC,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,QAAQ,CAAC,aAAa,EAAE;YACtC,QAAQ,EAAE,MAAM;YAChB,OAAO,EAAE,IAAI;YACb,KAAK,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,QAAQ,CAAC;SAClC,CAAC,CAAC,IAAI,EAAE,CAAA;QACT,IAAI,OAAO,EAAE,CAAC;YACZ,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,eAAe,EAAE,iBAAiB,CAAC,CAAC,CAAA;QAC/D,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,8BAA8B;IAChC,CAAC;IAED,2CAA2C;IAC3C,MAAM,IAAI,GAAG,OAAO,EAAE,CAAA;IACtB,KAAK,CAAC,IAAI;IACR,2BAA2B;IAC3B,IAAI,CAAC,MAAM,EAAE,KAAK,EAAE,cAAc,EAAE,eAAe,EAAE,iBAAiB,CAAC,EACvE,IAAI,CACF,MAAM,EACN,OAAO,EACP,KAAK,EACL,cAAc,EACd,eAAe,EACf,iBAAiB,CAClB;IACD,yDAAyD;IACzD,IAAI,CACF,MAAM,EACN,UAAU,EACV,KAAK,EACL,cAAc,EACd,eAAe,EACf,iBAAiB,CAClB;IACD,wBAAwB;IACxB,IAAI,CACF,IAAI,EACJ,MAAM,EACN,KAAK,EACL,cAAc,EACd,eAAe,EACf,iBAAiB,CAClB,EACD,IAAI,CACF,IAAI,EACJ,aAAa,EACb,KAAK,EACL,cAAc,EACd,eAAe,EACf,iBAAiB,CAClB,CACF,CAAA;IAED,OAAO,KAAK,CAAA;AACd,CAAC;AAED;;;GAGG;AACH,SAAS,qBAAqB;IAC5B,MAAM,IAAI,GAAG,OAAO,CAAC,IAAc,CAAA;IACnC,QAAQ,IAAI,EAAE,CAAC;QACb,KAAK,KAAK,CAAC;QACX,KAAK,QAAQ;YACX,OAAO,KAAK,CAAA;QACd,KAAK,OAAO,CAAC;QACb,KAAK,SAAS;YACZ,OAAO,OAAO,CAAA;QAChB,KAAK,MAAM,CAAC;QACZ,KAAK,KAAK;YACR,0CAA0C;YAC1C,wFAAwF;YACxF,mGAAmG;YACnG,4FAA4F;YAC5F,6FAA6F;YAC7F,EAAE;YACF,8CAA8C;YAC9C,8EAA8E;YAC9E,2FAA2F;YAC3F,8CAA8C;YAC9C,kDAAkD;YAClD,mFAAmF;YACnF,EAAE;YACF,sEAAsE;YACtE,eAAe,CACb,6GAA6G;gBAC3G,0HAA0H,EAC5H,EAAE,KAAK,EAAE,OAAO,EAAE,CACnB,CAAA;YACD,OAAO,IAAI,CAAA;QACb;YACE,eAAe,CACb,6CAA6C,IAAI,qCAAqC,CACvF,CAAA;YACD,OAAO,IAAI,CAAA;IACf,CAAC;AACH,CAAC;AAED;;GAEG;AACH,SAAS,oBAAoB,CAAC,QAAgB;IAC5C,MAAM,IAAI,GAAG,qBAAqB,EAAE,CAAA;IACpC,IAAI,CAAC,IAAI;QAAE,OAAO,EAAE,CAAA;IAEpB,MAAM,OAAO,GAAG,OAAO,CAAC,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAA;IACvD,MAAM,YAAY,GAAG,IAAI,CAAC,QAAQ,EAAE,SAAS,EAAE,IAAI,EAAE,QAAQ,CAAC,CAAA;IAE9D,OAAO;QACL,IAAI,CAAC,OAAO,EAAE,YAAY,CAAC,EAAE,yEAAyE;QACtG,IAAI,CAAC,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,YAAY,CAAC,EAAE,mCAAmC;QAC5E,IAAI,CAAC,OAAO,EAAE,IAAI,EAAE,YAAY,CAAC,EAAE,gCAAgC;KACpE,CAAA;AACH,CAAC;AAED;;;;;;;;;;;;;;;;;GAiBG;AACH,MAAM,UAAU,sBAAsB,CACpC,iBAA0B;IAE1B,MAAM,QAAQ,GAAG,iBAAiB,IAAI,EAAE,CAAA;IACxC,IAAI,YAAY,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC/B,OAAO,YAAY,CAAC,GAAG,CAAC,QAAQ,CAAE,CAAA;IACpC,CAAC;IAED,MAAM,MAAM,GAAG,WAAW,CAAC,iBAAiB,CAAC,CAAA;IAC7C,YAAY,CAAC,GAAG,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAA;IAClC,OAAO,MAAM,CAAA;AACf,CAAC;AAED,mFAAmF;AACnF,gEAAgE;AAChE,SAAS,WAAW,CAAC,iBAA0B;IAC7C,+CAA+C;IAC/C,IAAI,iBAAiB,EAAE,CAAC;QACtB,IAAI,EAAE,CAAC,UAAU,CAAC,iBAAiB,CAAC,EAAE,CAAC;YACrC,eAAe,CACb,wDAAwD,iBAAiB,EAAE,CAC5E,CAAA;YACD,OAAO,iBAAiB,CAAA;QAC1B,CAAC;QACD,eAAe,CACb,8DAA8D,iBAAiB,EAAE,CAClF,CAAA;IACH,CAAC;IAED,MAAM,IAAI,GAAG,qBAAqB,EAAE,CAAA;IACpC,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,eAAe,CACb,kFAAkF,OAAO,CAAC,IAAI,EAAE,CACjG,CAAA;QACD,OAAO,IAAI,CAAA;IACb,CAAC;IAED,eAAe,CAAC,0CAA0C,IAAI,EAAE,CAAC,CAAA;IAEjE,uDAAuD;IACvD,KAAK,MAAM,OAAO,IAAI,oBAAoB,CAAC,gBAAgB,CAAC,EAAE,CAAC;QAC7D,IAAI,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;YAC3B,eAAe,CACb,mDAAmD,OAAO,KAAK,IAAI,GAAG,CACvE,CAAA;YACD,OAAO,OAAO,CAAA;QAChB,CAAC;IACH,CAAC;IAED,gFAAgF;IAChF,KAAK,MAAM,UAAU,IAAI,iBAAiB,EAAE,EAAE,CAAC;QAC7C,MAAM,OAAO,GAAG,IAAI,CAClB,UAAU,EACV,QAAQ,EACR,SAAS,EACT,IAAI,EACJ,gBAAgB,CACjB,CAAA;QACD,IAAI,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;YAC3B,eAAe,CACb,qEAAqE,OAAO,KAAK,IAAI,GAAG,CACzF,CAAA;YACD,OAAO,OAAO,CAAA;QAChB,CAAC;IACH,CAAC;IAED,eAAe,CACb,gFAAgF,IAAI,GAAG,CACxF,CAAA;IACD,OAAO,IAAI,CAAA;AACb,CAAC;AAED;;;;;;;;;;;;;;;;;GAiBG;AACH,MAAM,UAAU,yBAAyB,CACvC,iBAA0B;IAE1B,MAAM,QAAQ,GAAG,iBAAiB,IAAI,EAAE,CAAA;IACxC,IAAI,qBAAqB,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC;QACxC,OAAO,qBAAqB,CAAC,GAAG,CAAC,QAAQ,CAAE,CAAA;IAC7C,CAAC;IAED,MAAM,MAAM,GAAG,oBAAoB,CAAC,iBAAiB,CAAC,CAAA;IACtD,qBAAqB,CAAC,GAAG,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAA;IAC3C,OAAO,MAAM,CAAA;AACf,CAAC;AAED,SAAS,oBAAoB,CAAC,iBAA0B;IACtD,+CAA+C;IAC/C,IAAI,iBAAiB,EAAE,CAAC;QACtB,IAAI,EAAE,CAAC,UAAU,CAAC,iBAAiB,CAAC,EAAE,CAAC;YACrC,eAAe,CACb,kEAAkE,iBAAiB,EAAE,CACtF,CAAA;YACD,OAAO,iBAAiB,CAAA;QAC1B,CAAC;QACD,eAAe,CACb,8DAA8D,iBAAiB,EAAE,CAClF,CAAA;IACH,CAAC;IAED,MAAM,IAAI,GAAG,qBAAqB,EAAE,CAAA;IACpC,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,eAAe,CACb,8EAA8E,OAAO,CAAC,IAAI,EAAE,CAC7F,CAAA;QACD,OAAO,IAAI,CAAA;IACb,CAAC;IAED,eAAe,CACb,sEAAsE,IAAI,EAAE,CAC7E,CAAA;IAED,uDAAuD;IACvD,KAAK,MAAM,UAAU,IAAI,oBAAoB,CAAC,eAAe,CAAC,EAAE,CAAC;QAC/D,IAAI,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;YAC9B,eAAe,CACb,+CAA+C,UAAU,KAAK,IAAI,GAAG,CACtE,CAAA;YACD,OAAO,UAAU,CAAA;QACnB,CAAC;IACH,CAAC;IAED,gFAAgF;IAChF,KAAK,MAAM,UAAU,IAAI,iBAAiB,EAAE,EAAE,CAAC;QAC7C,MAAM,UAAU,GAAG,IAAI,CACrB,UAAU,EACV,QAAQ,EACR,SAAS,EACT,IAAI,EACJ,eAAe,CAChB,CAAA;QACD,IAAI,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;YAC9B,eAAe,CACb,iEAAiE,UAAU,KAAK,IAAI,GAAG,CACxF,CAAA;YACD,OAAO,UAAU,CAAA;QACnB,CAAC;IACH,CAAC;IAED,eAAe,CACb,4EAA4E,IAAI,GAAG,CACpF,CAAA;IACD,OAAO,IAAI,CAAA;AACb,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AACH,MAAM,UAAU,qBAAqB,CACnC,iBAA0B;IAE1B,MAAM,eAAe,GAAG,sBAAsB,CAAC,iBAAiB,CAAC,CAAA;IACjE,IAAI,eAAe,EAAE,CAAC;QACpB,eAAe,CAAC,gDAAgD,CAAC,CAAA;QACjE,OAAO,eAAe,CAAA;IACxB,CAAC;IAED,eAAe,CACb,gFAAgF;QAC9E,mCAAmC,EACrC,EAAE,KAAK,EAAE,OAAO,EAAE,CACnB,CAAA;IACD,OAAO,IAAI,CAAA;AACb,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,oBAAoB,CAAC,WAAmB;IACtD,sDAAsD;AACxD,CAAC"}
|
|
@@ -37,13 +37,35 @@ export interface LinuxSandboxParams {
|
|
|
37
37
|
abortSignal?: AbortSignal;
|
|
38
38
|
}
|
|
39
39
|
/**
|
|
40
|
-
*
|
|
41
|
-
* Returns true if bwrap and socat are installed.
|
|
40
|
+
* Detailed status of Linux sandbox dependencies
|
|
42
41
|
*/
|
|
43
|
-
export
|
|
42
|
+
export type LinuxDependencyStatus = {
|
|
43
|
+
hasBwrap: boolean;
|
|
44
|
+
hasSocat: boolean;
|
|
45
|
+
hasSeccompBpf: boolean;
|
|
46
|
+
hasSeccompApply: boolean;
|
|
47
|
+
};
|
|
48
|
+
/**
|
|
49
|
+
* Result of checking sandbox dependencies
|
|
50
|
+
*/
|
|
51
|
+
export type SandboxDependencyCheck = {
|
|
52
|
+
warnings: string[];
|
|
53
|
+
errors: string[];
|
|
54
|
+
};
|
|
55
|
+
/**
|
|
56
|
+
* Get detailed status of Linux sandbox dependencies
|
|
57
|
+
*/
|
|
58
|
+
export declare function getLinuxDependencyStatus(seccompConfig?: {
|
|
59
|
+
bpfPath?: string;
|
|
60
|
+
applyPath?: string;
|
|
61
|
+
}): LinuxDependencyStatus;
|
|
62
|
+
/**
|
|
63
|
+
* Check sandbox dependencies and return structured result
|
|
64
|
+
*/
|
|
65
|
+
export declare function checkLinuxDependencies(seccompConfig?: {
|
|
44
66
|
bpfPath?: string;
|
|
45
67
|
applyPath?: string;
|
|
46
|
-
}):
|
|
68
|
+
}): SandboxDependencyCheck;
|
|
47
69
|
/**
|
|
48
70
|
* Initialize the Linux network bridge for sandbox networking
|
|
49
71
|
*
|
|
@@ -115,7 +137,7 @@ export declare function initializeLinuxNetworkBridge(httpProxyPort: number, sock
|
|
|
115
137
|
* - Other architectures are not currently supported (no apply-seccomp binary available)
|
|
116
138
|
* - To use sandboxing without Unix socket blocking on unsupported architectures,
|
|
117
139
|
* set allowAllUnixSockets: true in your configuration
|
|
118
|
-
* Dependencies are checked by
|
|
140
|
+
* Dependencies are checked by checkLinuxDependencies() before enabling the sandbox.
|
|
119
141
|
*/
|
|
120
142
|
export declare function wrapCommandWithSandboxLinux(params: LinuxSandboxParams): Promise<string>;
|
|
121
143
|
//# sourceMappingURL=linux-sandbox-utils.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"linux-sandbox-utils.d.ts","sourceRoot":"","sources":["../../src/sandbox/linux-sandbox-utils.ts"],"names":[],"mappings":"AAKA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAA;AAWtD,OAAO,KAAK,EACV,uBAAuB,EACvB,wBAAwB,EACzB,MAAM,sBAAsB,CAAA;AAQ7B,MAAM,WAAW,yBAAyB;IACxC,cAAc,EAAE,MAAM,CAAA;IACtB,eAAe,EAAE,MAAM,CAAA;IACvB,iBAAiB,EAAE,YAAY,CAAA;IAC/B,kBAAkB,EAAE,YAAY,CAAA;IAChC,aAAa,EAAE,MAAM,CAAA;IACrB,cAAc,EAAE,MAAM,CAAA;CACvB;AAED,MAAM,WAAW,kBAAkB;IACjC,OAAO,EAAE,MAAM,CAAA;IACf,uBAAuB,EAAE,OAAO,CAAA;IAChC,cAAc,CAAC,EAAE,MAAM,CAAA;IACvB,eAAe,CAAC,EAAE,MAAM,CAAA;IACxB,aAAa,CAAC,EAAE,MAAM,CAAA;IACtB,cAAc,CAAC,EAAE,MAAM,CAAA;IACvB,UAAU,CAAC,EAAE,uBAAuB,CAAA;IACpC,WAAW,CAAC,EAAE,wBAAwB,CAAA;IACtC,yBAAyB,CAAC,EAAE,OAAO,CAAA;IACnC,mBAAmB,CAAC,EAAE,OAAO,CAAA;IAC7B,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,aAAa,CAAC,EAAE;QAAE,OAAO,EAAE,MAAM,CAAC;QAAC,IAAI,CAAC,EAAE,MAAM,EAAE,CAAA;KAAE,CAAA;IACpD,yEAAyE;IACzE,wBAAwB,CAAC,EAAE,MAAM,CAAA;IACjC,yDAAyD;IACzD,cAAc,CAAC,EAAE,OAAO,CAAA;IACxB,kCAAkC;IAClC,aAAa,CAAC,EAAE;QAAE,OAAO,CAAC,EAAE,MAAM,CAAC;QAAC,SAAS,CAAC,EAAE,MAAM,CAAA;KAAE,CAAA;IACxD,8CAA8C;IAC9C,WAAW,CAAC,EAAE,WAAW,CAAA;CAC1B;AA2MD
|
|
1
|
+
{"version":3,"file":"linux-sandbox-utils.d.ts","sourceRoot":"","sources":["../../src/sandbox/linux-sandbox-utils.ts"],"names":[],"mappings":"AAKA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAA;AAWtD,OAAO,KAAK,EACV,uBAAuB,EACvB,wBAAwB,EACzB,MAAM,sBAAsB,CAAA;AAQ7B,MAAM,WAAW,yBAAyB;IACxC,cAAc,EAAE,MAAM,CAAA;IACtB,eAAe,EAAE,MAAM,CAAA;IACvB,iBAAiB,EAAE,YAAY,CAAA;IAC/B,kBAAkB,EAAE,YAAY,CAAA;IAChC,aAAa,EAAE,MAAM,CAAA;IACrB,cAAc,EAAE,MAAM,CAAA;CACvB;AAED,MAAM,WAAW,kBAAkB;IACjC,OAAO,EAAE,MAAM,CAAA;IACf,uBAAuB,EAAE,OAAO,CAAA;IAChC,cAAc,CAAC,EAAE,MAAM,CAAA;IACvB,eAAe,CAAC,EAAE,MAAM,CAAA;IACxB,aAAa,CAAC,EAAE,MAAM,CAAA;IACtB,cAAc,CAAC,EAAE,MAAM,CAAA;IACvB,UAAU,CAAC,EAAE,uBAAuB,CAAA;IACpC,WAAW,CAAC,EAAE,wBAAwB,CAAA;IACtC,yBAAyB,CAAC,EAAE,OAAO,CAAA;IACnC,mBAAmB,CAAC,EAAE,OAAO,CAAA;IAC7B,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,aAAa,CAAC,EAAE;QAAE,OAAO,EAAE,MAAM,CAAC;QAAC,IAAI,CAAC,EAAE,MAAM,EAAE,CAAA;KAAE,CAAA;IACpD,yEAAyE;IACzE,wBAAwB,CAAC,EAAE,MAAM,CAAA;IACjC,yDAAyD;IACzD,cAAc,CAAC,EAAE,OAAO,CAAA;IACxB,kCAAkC;IAClC,aAAa,CAAC,EAAE;QAAE,OAAO,CAAC,EAAE,MAAM,CAAC;QAAC,SAAS,CAAC,EAAE,MAAM,CAAA;KAAE,CAAA;IACxD,8CAA8C;IAC9C,WAAW,CAAC,EAAE,WAAW,CAAA;CAC1B;AA2MD;;GAEG;AACH,MAAM,MAAM,qBAAqB,GAAG;IAClC,QAAQ,EAAE,OAAO,CAAA;IACjB,QAAQ,EAAE,OAAO,CAAA;IACjB,aAAa,EAAE,OAAO,CAAA;IACtB,eAAe,EAAE,OAAO,CAAA;CACzB,CAAA;AAED;;GAEG;AACH,MAAM,MAAM,sBAAsB,GAAG;IACnC,QAAQ,EAAE,MAAM,EAAE,CAAA;IAClB,MAAM,EAAE,MAAM,EAAE,CAAA;CACjB,CAAA;AAED;;GAEG;AACH,wBAAgB,wBAAwB,CAAC,aAAa,CAAC,EAAE;IACvD,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,SAAS,CAAC,EAAE,MAAM,CAAA;CACnB,GAAG,qBAAqB,CAiBxB;AAED;;GAEG;AACH,wBAAgB,sBAAsB,CAAC,aAAa,CAAC,EAAE;IACrD,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,SAAS,CAAC,EAAE,MAAM,CAAA;CACnB,GAAG,sBAAsB,CAuBzB;AAED;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AACH,wBAAsB,4BAA4B,CAChD,aAAa,EAAE,MAAM,EACrB,cAAc,EAAE,MAAM,GACrB,OAAO,CAAC,yBAAyB,CAAC,CA2HpC;AAoOD;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA6CG;AACH,wBAAsB,2BAA2B,CAC/C,MAAM,EAAE,kBAAkB,GACzB,OAAO,CAAC,MAAM,CAAC,CA2PjB"}
|