Class SandboxPolicy
public sealed record SandboxPolicy : IEquatable<SandboxPolicy>
- Inheritance
-
SandboxPolicy
- Implements
- Inherited Members
Constructors
SandboxPolicy(string, SandboxEffect, IReadOnlyList<CapabilityGrant>, ResourceLimits, bool, DateTimeOffset?, ulong?, IReadOnlySet<string>?)
public SandboxPolicy(string PolicyId, SandboxEffect AllowedEffects, IReadOnlyList<CapabilityGrant> Grants, ResourceLimits ResourceLimits, bool Deterministic = false, DateTimeOffset? LogicalNow = null, ulong? RandomSeed = null, IReadOnlySet<string>? DeclaredOpaqueIdTypes = null)
Parameters
PolicyIdstringAllowedEffectsSandboxEffectGrantsIReadOnlyList<CapabilityGrant>ResourceLimitsResourceLimitsDeterministicboolLogicalNowDateTimeOffset?RandomSeedulong?DeclaredOpaqueIdTypesIReadOnlySet<string>
Properties
AllowedEffects
public SandboxEffect AllowedEffects { get; init; }
Property Value
DeclaredOpaqueIdTypes
Host-declared opaque-id brand type names this policy permits a module to use, in type or literal position. Empty by default (fail-closed): a module that references an opaque-id brand the host did not declare fails validation with E-POLICY-OPAQUE-ID.
public IReadOnlySet<string> DeclaredOpaqueIdTypes { get; init; }
Property Value
Deterministic
public bool Deterministic { get; init; }
Property Value
GrantClock
public DateTimeOffset GrantClock { get; }
Property Value
Grants
public IReadOnlyList<CapabilityGrant> Grants { get; init; }
Property Value
Hash
public string Hash { get; }
Property Value
LogicalNow
public DateTimeOffset? LogicalNow { get; init; }
Property Value
PolicyId
public string PolicyId { get; init; }
Property Value
RandomSeed
public ulong? RandomSeed { get; init; }
Property Value
ResourceLimits
public ResourceLimits ResourceLimits { get; init; }
Property Value
Methods
GetGrant(string)
public CapabilityGrant GetGrant(string capabilityId)
Parameters
capabilityIdstring
Returns
GrantsCapability(string)
public bool GrantsCapability(string capabilityId)
Parameters
capabilityIdstring
Returns
GrantsCapability(string, DateTimeOffset)
public bool GrantsCapability(string capabilityId, DateTimeOffset now)
Parameters
capabilityIdstringnowDateTimeOffset
Returns
TryGetGrant(string, out CapabilityGrant)
public bool TryGetGrant(string capabilityId, out CapabilityGrant grant)
Parameters
capabilityIdstringgrantCapabilityGrant