RAppArmor: Bindings to AppArmor and Security Related Linux Tools

Bindings to various methods in the kernel for enforcing security restrictions. AppArmor can apply mandatory access control (MAC) policies on a given task (process) via security profiles with detailed ACL definitions. In addition the package has kernel bindings for setting the process hardware resource limits (rlimit), uid, gid, affinity and priority. The high level R function 'eval.secure' builds on these methods to do dynamic sandboxing: it evaluates a single R expression within a temporary fork which acts as a sandbox by enforcing fine grained restrictions without affecting the main R process. Recent versions on this package can also be installed on systems without libapparmor, in which case some features are automatically disabled.

Install the latest version of this package by entering the following in R:
install.packages("RAppArmor")
AuthorJeroen Ooms
Date of publication2016-05-17 21:34:04
MaintainerJeroen Ooms <jeroen.ooms@stat.ucla.edu>
LicenseApache License (== 2.0)
Version2.0.2
http://www.jstatsoft.org/v55/i07/ http://github.com/jeroenooms/RAppArmor#readme

View on CRAN

Functions

aa_change_hat Man page
aa_change_profile Man page
aa_find_mountpoint Man page
aa_getcon Man page
aa_is_enabled Man page
aa_revert_hat Man page
affinity Man page
eval.secure Man page
getaffinity Man page
getaffinity_count Man page
getgid Man page
getpgid Man page
getpriority Man page
getuid Man page
kill Man page
ncores Man page
rlimit_as Man page
rlimit_core Man page
rlimit_cpu Man page
rlimit_data Man page
rlimit_fsize Man page
rlimit_memlock Man page
rlimit_msgqueue Man page
rlimit_nice Man page
rlimit_nofile Man page
rlimit_nproc Man page
rlimit_rtprio Man page
rlimit_rttime Man page
rlimit_sigpending Man page
rlimit_stack Man page
setaffinity Man page
setgid Man page
setpgid Man page
setpriority Man page
setuid Man page
unittests Man page
userinfo Man page

Files

inst
inst/profiles
inst/profiles/suse
inst/profiles/suse/usr.bin.r
inst/profiles/suse/rapparmor
inst/profiles/suse/rapparmor.d
inst/profiles/suse/rapparmor.d/r-user
inst/profiles/suse/rapparmor.d/r-base
inst/profiles/suse/rapparmor.d/r-compile
inst/profiles/suse/rapparmor.d/testprofile
inst/profiles/debian
inst/profiles/debian/usr.bin.r
inst/profiles/debian/rapparmor
inst/profiles/debian/rapparmor.d
inst/profiles/debian/rapparmor.d/r-user
inst/profiles/debian/rapparmor.d/r-base
inst/profiles/debian/rapparmor.d/r-compile
inst/profiles/debian/rapparmor.d/testprofile
inst/CITATION
inst/doc
inst/doc/v55i07.pdf.asis
inst/doc/v55i07.pdf
tests
tests/run-all.R
tests/testthat
tests/testthat/helper-pretest.R tests/testthat/test-priority.R tests/testthat/test-apparmor.R tests/testthat/test-rlimit_memory.R tests/testthat/test-affinity.R
tests/testthat/README
tests/testthat/test-root.R tests/testthat/test-rlimit_cpu.R tests/testthat/test-rlimit_nproc.R
src
src/rlimits.c
src/affinity.c
src/process.c
src/Makevars.in
src/apparmor.c
NAMESPACE
NEWS
R
R/onAttach.R R/unittests.R R/eval.secure.R R/userinfo.R R/apparmor.R R/rlimits.R R/process.R R/affinity.R
vignettes
vignettes/v55i07.pdf.asis
MD5
build
build/vignette.rds
DESCRIPTION
configure
man
man/affinity.Rd man/unittests.Rd man/aa_is_enabled.Rd man/aa_getcon.Rd man/aa_change_hat.Rd man/eval.secure.Rd man/rlimit.Rd man/aa_find_mountpoint.Rd man/process.Rd man/aa_change_profile.Rd man/userinfo.Rd
tools
tools/readme.txt
tools/debian
tools/debian/postrm
tools/debian/postinst
tools/debian/rules
tools/debian/install
tools/debian/control
tools/debian/changelog
tools/debian/copyright

Questions? Problems? Suggestions? or email at ian@mutexlabs.com.

Please suggest features or report bugs with the GitHub issue tracker.

All documentation is copyright its authors; we didn't write any of that.