https://github.com/maulingmonkey/firehazard
Unopinionated low level API bindings focused on soundness, safety, and stronger types over raw FFI.
https://github.com/maulingmonkey/firehazard
rust sandbox sandboxing security win32 windows
Last synced: 10 months ago
JSON representation
Unopinionated low level API bindings focused on soundness, safety, and stronger types over raw FFI.
- Host: GitHub
- URL: https://github.com/maulingmonkey/firehazard
- Owner: MaulingMonkey
- License: other
- Created: 2022-08-25T14:21:24.000Z (almost 4 years ago)
- Default Branch: master
- Last Pushed: 2023-10-01T01:14:53.000Z (over 2 years ago)
- Last Synced: 2025-02-27T16:43:49.161Z (over 1 year ago)
- Topics: rust, sandbox, sandboxing, security, win32, windows
- Language: Rust
- Homepage:
- Size: 797 KB
- Stars: 9
- Watchers: 3
- Forks: 0
- Open Issues: 27
-
Metadata Files:
- Readme: Readme.md
- License: LICENSE-APACHE
Awesome Lists containing this project
README
# 🔥 firehazard 🔥
[](https://github.com/MaulingMonkey/firehazard)
[](https://crates.io/crates/firehazard)
[](https://docs.rs/firehazard)
[](https://github.com/MaulingMonkey/firehazard)
Create a *fire hazard* by locking down your (Microsoft) *Windows* so nobody can *escape* (your security sandbox.)
* Exposes bindings to similar Windows APIs as Chrome and Chromium use for [sandboxing their untrusted processes](https://chromium.googlesource.com/chromium/src/+/HEAD/docs/design/sandbox.md).
* Focused on soundness, safety, and stronger types over raw FFI.
* Low level, Windows only, pure Rust, and unopinionated.
* You could build opinionated, high level, cross platform abstractions *atop* this crate (and others.)
## ⚠️ Warnings ⚠️
You may be *at hazard* of being *fired* (or worse) for relying on this crate for security:
* `0.0.0-yyyy-mm-dd` doesn't follow semver.
* I'm not subscribed to any security lists.
* I don't have anything alerting me to CVEs.
* This crate is probably not 100% sound. Bug reports welcome.
* I don't have any PGP keys for you to securely send me security bugs.
* Keep flammable materials away from heaters and other ignition sources.
* This isn't backed by a team or company. Nor me, frankly.
* I have no code reviewers.
* I haven't fuzz tested anything.
* My test coverage is mediocre.
* There is no red team.
* I haven't made a proper attempt to bypass even the example sandbox.
* Just because you're paranoid, doesn't mean that they aren't out to get you.
* Rust has made me overconfident.
* Rust has made **you** overconfident.
* Keep emergency exits accessible and usable to avoid fire safety hazards.
* The false sense of security - that using this code will lure you into - may be worse than nothing at all.
* Test your fire alarms. The batteries are probably dead.
## Quickstart
#### Cargo.toml
```toml
[dependencies]
firehazard.git = "https://github.com/MaulingMonkey/firehazard"
```
License
Licensed under either of
* Apache License, Version 2.0 ([LICENSE-APACHE](LICENSE-APACHE) or )
* MIT license ([LICENSE-MIT](LICENSE-MIT) or )
at your option.
Contribution
Unless you explicitly state otherwise, any contribution intentionally submitted
for inclusion in the work by you, as defined in the Apache-2.0 license, shall be
dual licensed as above, without any additional terms or conditions.