Class LinuxSandbox

Namespace
JD.AI.Sandbox.Runtime.Linux
Assembly
JD.AI.Sandbox.dll

Linux sandbox using Landlock LSM for filesystem restrictions and seccomp-bpf for syscall filtering. Requires Linux kernel 5.13+ for full Landlock support. No third-party dependencies.

public sealed class LinuxSandbox : ISandbox
Inheritance
LinuxSandbox
Implements
ISandbox

Constructors

LinuxSandbox(SandboxPolicy)

public LinuxSandbox(SandboxPolicy policy)

Parameters

policy SandboxPolicy

Properties

Platform

Which platform this sandbox targets.

public SandboxPlatform Platform { get; }

Property Value

SandboxPlatform

Policy

The policy this sandbox enforces.

public SandboxPolicy Policy { get; }

Property Value

SandboxPolicy

Methods

RunAsync(string, string, CancellationToken)

Runs the sandboxed process to completion and returns the result.

public Task<SandboxExecutionResult> RunAsync(string executablePath, string arguments = "", CancellationToken ct = default)

Parameters

executablePath string
arguments string
ct CancellationToken

Returns

Task<SandboxExecutionResult>

StartAsync(string, string, CancellationToken)

Starts a new sandboxed process using the configured policy.

public Task<SandboxedProcess> StartAsync(string executablePath, string arguments = "", CancellationToken ct = default)

Parameters

executablePath string

Path to the executable to run.

arguments string

Command-line arguments.

ct CancellationToken

Cancellation token.

Returns

Task<SandboxedProcess>

A handle to the running sandboxed process.
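
The class summary ties filesystem restrictions to Landlock on kernel 5.13+. The following preflight probe is an added example, not part of JD.AI.Sandbox: it asks the kernel for its Landlock ABI version so a host can refuse to run untrusted code when Landlock is missing. `LandlockProbe` and `LandlockStatus` are hypothetical names, and the page does not state which ABI version LinuxSandbox needs or how it behaves without Landlock.

```csharp
using System;
using System.Runtime.InteropServices;

public enum LandlockStatus { Available, NotLinux, NotInKernel, DisabledAtBoot, Blocked }

public static class LandlockProbe
{
    // Kernel UAPI values: syscall 444 on x86-64 and arm64; flag from linux/landlock.h.
    private const long SysLandlockCreateRuleset = 444;
    private const uint LandlockCreateRulesetVersion = 1u << 0;
    private const int ENOSYS = 38;      // syscall absent: pre-5.13 kernel or Landlock not built in
    private const int EOPNOTSUPP = 95;  // Landlock built in but disabled at boot

    [DllImport("libc", EntryPoint = "syscall", SetLastError = true)]
    private static extern long Syscall(long number, IntPtr attr, UIntPtr size, uint flags);

    // Pure mapping from the syscall result to a status, kept separate so it can be unit-tested.
    public static LandlockStatus Classify(long ret, int errno, out int abi)
    {
        abi = ret >= 1 ? (int)ret : 0;
        if (ret >= 1) return LandlockStatus.Available;
        return errno switch
        {
            ENOSYS => LandlockStatus.NotInKernel,
            EOPNOTSUPP => LandlockStatus.DisabledAtBoot,
            _ => LandlockStatus.Blocked, // e.g. EPERM from a seccomp filter around this process
        };
    }

    // With a null attr, size 0 and the VERSION flag, the call returns the highest supported ABI.
    public static LandlockStatus Probe(out int abi)
    {
        abi = 0;
        if (!OperatingSystem.IsLinux()) return LandlockStatus.NotLinux;
        long ret = Syscall(SysLandlockCreateRuleset, IntPtr.Zero, UIntPtr.Zero, LandlockCreateRulesetVersion);
        return Classify(ret, Marshal.GetLastWin32Error(), out abi);
    }
}

public static class Program
{
    public static int Main()
    {
        LandlockStatus status = LandlockProbe.Probe(out int abi);
        Console.WriteLine($"Landlock: {status}, ABI {abi}");
        // Fail closed: a non-zero exit tells the caller not to run untrusted code unconfined.
        return status == LandlockStatus.Available ? 0 : 1;
    }
}
```

ABI version 1 is the one that first shipped in kernel 5.13; higher values indicate later kernels with additional Landlock access rights.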