An open API service indexing awesome lists of open source software.

https://github.com/maulingmonkey/firehazard

Unopinionated low level API bindings focused on soundness, safety, and stronger types over raw FFI.
https://github.com/maulingmonkey/firehazard

rust sandbox sandboxing security win32 windows

Last synced: 10 months ago
JSON representation

Unopinionated low level API bindings focused on soundness, safety, and stronger types over raw FFI.

Awesome Lists containing this project

README

          

# 🔥 firehazard 🔥
[![GitHub](https://img.shields.io/github/stars/MaulingMonkey/firehazard.svg?label=GitHub&style=social)](https://github.com/MaulingMonkey/firehazard)
[![crates.io](https://img.shields.io/crates/v/firehazard.svg)](https://crates.io/crates/firehazard)
[![docs.rs](https://docs.rs/firehazard/badge.svg)](https://docs.rs/firehazard)
[![License](https://img.shields.io/crates/l/firehazard.svg)](https://github.com/MaulingMonkey/firehazard)

Create a *fire hazard* by locking down your (Microsoft) *Windows* so nobody can *escape* (your security sandbox.)
* Exposes bindings to similar Windows APIs as Chrome and Chromium use for [sandboxing their untrusted processes](https://chromium.googlesource.com/chromium/src/+/HEAD/docs/design/sandbox.md).
* Focused on soundness, safety, and stronger types over raw FFI.
* Low level, Windows only, pure Rust, and unopinionated.
* You could build opinionated, high level, cross platform abstractions *atop* this crate (and others.)

## ⚠️ Warnings ⚠️
You may be *at hazard* of being *fired* (or worse) for relying on this crate for security:
* `0.0.0-yyyy-mm-dd` doesn't follow semver.
* I'm not subscribed to any security lists.
* I don't have anything alerting me to CVEs.
* This crate is probably not 100% sound. Bug reports welcome.
* I don't have any PGP keys for you to securely send me security bugs.
* Keep flammable materials away from heaters and other ignition sources.
* This isn't backed by a team or company. Nor me, frankly.
* I have no code reviewers.
* I haven't fuzz tested anything.
* My test coverage is mediocre.
* There is no red team.
* I haven't made a proper attempt to bypass even the example sandbox.
* Just because you're paranoid, doesn't mean that they aren't out to get you.
* Rust has made me overconfident.
* Rust has made **you** overconfident.
* Keep emergency exits accessible and usable to avoid fire safety hazards.
* The false sense of security - that using this code will lure you into - may be worse than nothing at all.
* Test your fire alarms. The batteries are probably dead.

## Quickstart

#### Cargo.toml
```toml
[dependencies]
firehazard.git = "https://github.com/MaulingMonkey/firehazard"
```

License

Licensed under either of

* Apache License, Version 2.0 ([LICENSE-APACHE](LICENSE-APACHE) or )
* MIT license ([LICENSE-MIT](LICENSE-MIT) or )

at your option.

Contribution

Unless you explicitly state otherwise, any contribution intentionally submitted
for inclusion in the work by you, as defined in the Apache-2.0 license, shall be
dual licensed as above, without any additional terms or conditions.