+captive-sandbox-server chroot/setuid security isolation

[captive.git] / src / libcaptive / sandbox / split.h

diff --git a/src/libcaptive/sandbox/split.h b/src/libcaptive/sandbox/split.h
index 764272f..7d02def 100644 (file)
--- a/src/libcaptive/sandbox/split.h
+++ b/src/libcaptive/sandbox/split.h
@@ -22,27 +22,33 @@
 
 
 #include <glib/gmacros.h>
+#ifdef ORBIT2  /* Prevent missing $(ORBIT_CFLAGS) outside of libcaptive/sandbox/ */
 #include "sandbox.h"
 #include "captive/client-vfs.h"
+#endif
 
 
 G_BEGIN_DECLS
 
+#ifdef ORBIT2  /* Prevent missing $(ORBIT_CFLAGS) outside of libcaptive/sandbox/ */
 extern CORBA_Environment captive_corba_ev;
 extern CORBA_ORB captive_corba_orb;
 extern PortableServer_POA captive_corba_poa;
+#endif
 
-void captive_corba_sandbox_child(void);
+void captive_corba_sandbox_child(const gchar *chrooted_orbit_dir);
 void sandbox_child_prepare_shutdown(void);
 void captive_sandbox_fd_closeup(int fd_first_to_delete);
+void sandbox_child_shutdown(void);
+#ifdef ORBIT2  /* Prevent missing $(ORBIT_CFLAGS) outside of libcaptive/sandbox/ */
 gboolean captive_sandbox_spawn(CaptiveVfsObject *child_captive_vfs_object,
                Captive_Vfs *corba_Vfs_object_return,Captive_GLogFunc *corba_GLogFunc_object_return,
                Captive_CaptiveIOChannel *corba_CaptiveIOChannel_object_return,int *parentheart_fds_1_return);
 gboolean validate_CORBA_Environment(CORBA_Environment *evp);
 GnomeVFSResult captive_sandbox_parent_return_from_CORBA_Environment(CORBA_Environment *evp);
 void captive_sandbox_child_GnomeVFSResultException_throw(CORBA_Environment *evp,GnomeVFSResult errvfsresult);
-void sandbox_child_shutdown(void);
 gboolean captive_sandbox_parent_query_vfs_retry(CORBA_Environment *evp,CaptiveVfsObject *captive_vfs_object);
+#endif
 
 G_END_DECLS