Node.js API

The Sandbox class

class Sandbox()

Construct a new sandbox

Sandbox.mapFilename(filename)
Arguments:
  • filename (string) – Filename to map

Called when a filename used in open(), stat(), etc should be mapped from a real filename to one within the sandbox’s environment.

Should return a string, which is the new filename that will be passed to the underlying syscall.

Sandbox.onIPC(api_name, method_name, arguments, cookie)
Arguments:
  • api_name (string) – API being called
  • method_name (string) – Method being called
  • arguments (object) – Arguments for the API call
  • cookie (object) – An opaque cookie that must be later passed to Sandbox.finishIPC()

Do not touch the cookie or Very Bad Things could happen including, but not limited to: war, pestilance, spoilage of all the cheese in your home, a strong desire to port Emacs to Node.js.

Sandbox.onVFS(cookie, op[, ...])
Arguments:
  • cookie (object) – An opaque cookie that must be later passed to

Sandbox.finishVFS() :param string op: Method being called

Called when a VFS operation occurs.

Do not touch the cookie. Seriously.

Sandbox.finishIPC(cookie, result)
Arguments:
  • cookie (object) – The opaque cookie from Sandbox.onIPC() that was not

touched. :param object result: API result that is passed to the sandbox

Result should be a structure in the form of:

{
  'success': true,
  'result': {foo: {bar: 'baz'}}
}
Sandbox._init()

Internal function. Sets up stdio IPC channels upon construction

Sandbox.onData(fd, chunk)
Arguments:
  • fd (number) – File descriptor inside the sandbox
  • chunk (string) – Data read from the sandbox

Internal function. Called when data from within the sandbox is ready for reading.

Sandbox.spawn(arg0, [...,] [options])
Arguments:
  • arg0 – First argument
  • ... – Further arguments
  • options – A structure of options

Spawns a binary inside the sandbox

Sandbox.kill()

Kills the child process

Attributes

Sandbox.stdout
Type Readable:stdio channel that maps to stdout
Sandbox.stderr
Type Readable:stdio channel that maps to stderr
Sandbox.stdio
Type Array:stdio channels
Sandbox.debuggerOnCrash
Type boolean:Launch GDB when the child crashes

Events

Sandbox.newSocket()
Arguments:
  • path (string) – Path to the unix socket

Emitted when the sandboxed child has called bind() on a socket, which is now mapped to a unix domain socket.

Sandbox.exit()
Arguments:
  • status (number) – Exit status

Emitted when the sandboxed child has exited

Sandbox.signal()
Arguments:
  • signal (number) – Signal received

Emitted when the sandboxed child has received a signal