Sandbox service for using a Google3 compiled library

[Ramin Halavati]

Hi!

I'm working on a prototype of a new service and I would like an early consultation for sandboxing.

The service will use a Google3 compiled image processing library to annotate browser screenshots and improve the accessibility tree. Draft design doc is in go/chrome-screen-ai and as a summary:

 - The library binary will be provided on demand through component updater.

 - Input: Chrome screenshots (and in future some metadata)

 - Output: A proto containing annotations (screen locations, object types, object properties)

 - Network: None

I assume it needs to be in a sandboxed process. Please let me know how I can determine if I need a special sandbox or not, and how I can get it.

(I have a draft CL here which crashes now when one of the library functions is called and I assume it's related to the security limitations.)

Thanks,

Ramin

[Ramin Halavati]

Sorry, it seems that document was not properly shared before.

Now it is shared wider.