4. Run the Sandbox

In the previous sections, you prepared the sandboxed environment, policy, and executor and Sandboxee. The next step is to create the Sandbox2 object and run it.

Run synchronously

The sandbox can run synchronously, thus blocking until there is a result. The code snippet below demonstrates the instantiation of the Sandbox2 object and its synchronous execution. For a more detailed example, see static.

#include "sandboxed_api/sandbox2/sandbox2.h"

sandbox2::Sandbox2 s2(std::move(executor), std::move(policy));
sandbox2::Result result = s2.Run();  // Synchronous
LOG(INFO) << "Result of sandbox execution: " << result.ToString();

Run asynchronously

You can also run the sandbox asynchronously, thus not blocking until there is a result. This is useful, for instance, when communicating with the Sandboxee. The code snippet below demonstrates this use case, for more detailed examples see crc4 and tool.

#include "sandboxed_api/sandbox2/sandbox2.h"

sandbox2::Sandbox2 s2(std::move(executor), std::move(policy));
if (s2.RunAsync()) {
  // Communicate with sandboxee, use s2.Kill() to kill it if needed
  // ...
}
Sandbox2::Result result = s2.AwaitResult();
LOG(INFO) << "Final execution status: " << result.ToString();