Add IsSandboxed() function to seatbelt wrapper.

sandbox/mac/seatbelt.cc

Index: sandbox/mac/seatbelt.cc
diff --git a/sandbox/mac/seatbelt.cc b/sandbox/mac/seatbelt.cc
index 0987faee7aa54f299cc59768b680bc944b6bd8be..dfba0bded9e34be276ed111cbab44210a95b9875 100644
--- a/sandbox/mac/seatbelt.cc
+++ b/sandbox/mac/seatbelt.cc
@@ -4,6 +4,8 @@
 
 #include "sandbox/mac/seatbelt.h"
 
+#include <unistd.h>
+
 extern "C" {
 #include <sandbox.h>
 
@@ -11,6 +13,12 @@ int sandbox_init_with_parameters(const char* profile,
                                  uint64_t flags,
                                  const char* const parameters[],
                                  char** errorbuf);
+
+// Not deprecated. The canonical usage to test if sandboxed is
+// sandbox_check(getpid(), NULL, SANDBOX_FILTER_NONE), which returns
+// 1 if sandboxed. Note `type` is actually a sandbox_filter_type enum value, but
+// it is unused currently.
+int sandbox_check(pid_t pid, const char* operation, int type, ...);
 };
 
 namespace sandbox {
@@ -54,4 +62,9 @@ void Seatbelt::FreeError(char* errorbuf) {
 #pragma clang diagnostic pop
 }
 
+// static
+bool Seatbelt::IsSandboxed() {
+  return ::sandbox_check(getpid(), NULL, 0);
+}
+
 }  // namespace sandbox