github.com/sdibtacm/sandbox@v0.0.0-20200320120712-60470cf803dc/exec/const.go (about) 1 package exec 2 3 const ( 4 RLIMIT_UNRESOURCE uint64 = 0 5 TIME_UNRESOURCE uint = 0 6 BYTE_UNRESOURCE uint64 = RLIMIT_UNRESOURCE 7 MAX_TIME uint = 0xFFFFFFFF 8 SUGGEST_THREAD_LIMIT uint = 1024 9 MAX_THREAD_LIMIT uint = 65535 10 MIN_MEMORY_LIMIT uint64 = 16777216 // byte 16M 11 RLIMIT_STACK_MIN uint64 = 8388608 // byte 8M 12 SECCOMP 13 ) 14 15 const ( 16 SANDBOX_NO_START = iota 17 SANDBOX_PREPARE_PIPE 18 SANDBOX_READY_FOR_CLONE 19 SANDBOX_READY_FOR_CHROOT 20 SANDBOX_READY_FOR_SETUID 21 SANDBOX_READY_FOR_SETGID 22 SANDBOX_READY_FOR_SETUMASK 23 SANDBOX_READY_FOR_CHDIR 24 SANDBOX_READY_FOR_SET_PDEATHSIG 25 SANDBOX_READY_FOR_PDEATHSIG_KILL_MYSELF 26 SANDBOX_READY_FRO_DUP_FILE 27 SANDBOX_READY_FOR_SET_RLIMIT 28 SANDBOX_READY_FOR_SET_PTRACE 29 SANDBOX_READY_FOR_SET_BPF 30 SANDBOX_READY_FOR_EXEC 31 32 SANDBOX_READ_PIPE 33 ) 34 35 var SANDBOX_STEP_STR = []string{ 36 "no start", 37 "prepare pipe", 38 "clone", 39 "chroot", 40 "set uid", 41 "set gid", 42 "set umask", 43 "chdir", 44 "set pdeathsig", 45 "parent died, kill myself", 46 "dup files", 47 "set rlimit", 48 "set ptrace", 49 "set bpf", 50 "exec", 51 "read error status from pipe", 52 }