sandbox_attach()

Updated: April 19, 2023

Attach a sandbox

Synopsis:

#include <sandbox.h>

int sandbox_attach(int sbid, pid_t pid);

Arguments:

sbid
The sandbox identifier.
pid
The process identifier.

Library:

libsandbox

Use the -l sandbox option to qcc to link against this library.

Description:

This function attaches a sandbox to a process. You must create the sandbox with the sandbox_create() function before you can attach it with sandbox_attach().

No more than one sandbox can be attached to a process at one time. To change the sandbox attached to a process, you must first delete the attached one with sandbox_delete() before you attach another.

Note: If you spawn() a process held, you can then attach a sandbox to it before the process runs. Another approach is to fork() the process, then attach the sandbox to the new process before it calls exec().

Returns:

0
Successful attachment.
negative value
An error occurred (errno is NOT set, the value is the negative of a value from the Errors section).

Errors:

EBUSY
The process is already attached to a sandbox.
EINVAL
The process identifier is not valid.
ESRCH
The process identifier does not exist.

Classification:

QNX Neutrino

Safety:  
Cancellation point Yes
Interrupt handler No
Signal handler Yes
Thread Yes