To understand how Legato sandboxes are implemented, see Sandboxes basics.
There's also an topic on how to Use Sandboxes.

Overview

Sandboxes are configured through the Definition Files :

This is what a sandboxed app Config Tree Schema looks like.

Common Problems

These are some common reasons for sandbox problems:

permissions are set incorrectly: check the .cdef bundles section to ensure permissions are valid.
a file is missing from the file system within the sandbox: check that the files in .cdef requires and .adef requires sections include all required files.
you've reached a sanboxed app limit.

Sandbox Sample Apps

Legato provides sample apps that use sandboxes:
Shell Piping
Command Line

Sample Code

This is the Shell Piping sample app's .adef file:

start: manual

bundles:
{
    file:
    {
        // Bundling the script into the sandbox with the permissions needed to run it.
        [rx] utilPipes    /
    }
}

requires:
{
    file:
    {
        // Adding sh (shell), ls, grep and echo utilities into the sandbox.
        /bin/sh     /usr/local/bin/
        /bin/ls     /usr/local/bin/
        /bin/grep   /usr/local/bin/
        /bin/echo   /usr/local/bin/
    }
}

processes:
{
    run:
    {
        // Run sh (shell) and pass it the script for it to run.
        (sh utilPipes)
    }
}

Access Services Outside

A Legato sandboxed app can access services outside its sandbox. All available services are advertised by the Service Directory. Apps connect to services through a request to the Service Directory. The Service Directory grants access only if the app has been explicitly bound to a service (using the .adef and .sdef bindings section).

If you want to allow direct access to bind mount objects from the file system (e.g., files, directories, named sockets and pipes, etc.), explicitly allow it through app configuration in the .adef and .cdef files requires section.

Unsandbox

Although it's not recommended, you can turn-off sandboxing by setting sandboxed to false.