Yes, it seems sandbox uses LD_PRELOAD and will error on access violations. However it does seem to allow retroarch to start and work without sound despite some expected access violations. This should help explain its method from the README.
Quote:
The way sandbox works is that you prime a few environment variables (in order
to control the sandbox's behavior) and then stick it into the LD_PRELOAD
variable. Then when the ELF loader runs, it will first load the sandbox
library. Whenever an applications makes a library call that we have wrapped,
we'll check the arguments against the environment settings. Based on that, any
access that is not permitted is logged and we return an error to the
application. Any access that is permitted is of course forwarded along to the
real C library.
|
My interest in sandbox is simply because a friend who uses gentoo talked it up and I tried it to see if how tied into gentoo it was and if there was anything to it. Additionally it has a wider use than just building packages, for example it could be used with a game to ensure it doesn't edit files you are unaware of.
By all means slackrepo seems better suited as a dedicated Slackware build tool as opposed to sandbox which is much more general and only covers some of the use cases slackrepo advertises. I think its good to have choice.