RAppArmor: Bindings to AppArmor and Security Related Linux Tools

Bindings to various methods in the kernel for enforcing security restrictions. AppArmor can apply mandatory access control (MAC) policies on a given task (process) via security profiles with detailed ACL definitions. In addition the package has kernel bindings for setting the process hardware resource limits (rlimit), uid, gid, affinity and priority. The high level R function 'eval.secure' builds on these methods to do dynamic sandboxing: it evaluates a single R expression within a temporary fork which acts as a sandbox by enforcing fine grained restrictions without affecting the main R process. Recent versions on this package can also be installed on systems without libapparmor, in which case some features are automatically disabled.

AuthorJeroen Ooms
Date of publication2016-05-17 21:34:04
MaintainerJeroen Ooms <jeroen.ooms@stat.ucla.edu>
LicenseApache License (== 2.0)
Version2.0.2
http://www.jstatsoft.org/v55/i07/ http://github.com/jeroenooms/RAppArmor#readme

View on CRAN

Functions

aa_change_hat Man page
aa_change_profile Man page
aa_find_mountpoint Man page
aa_getcon Man page
aa_is_enabled Man page
aa_revert_hat Man page
affinity Man page
eval.secure Man page
getaffinity Man page
getaffinity_count Man page
getgid Man page
getpgid Man page
getpriority Man page
getuid Man page
kill Man page
ncores Man page
rlimit_as Man page
rlimit_core Man page
rlimit_cpu Man page
rlimit_data Man page
rlimit_fsize Man page
rlimit_memlock Man page
rlimit_msgqueue Man page
rlimit_nice Man page
rlimit_nofile Man page
rlimit_nproc Man page
rlimit_rtprio Man page
rlimit_rttime Man page
rlimit_sigpending Man page
rlimit_stack Man page
setaffinity Man page
setgid Man page
setpgid Man page
setpriority Man page
setuid Man page
unittests Man page
userinfo Man page

Files

RAppArmor
RAppArmor/inst
RAppArmor/inst/profiles
RAppArmor/inst/profiles/suse
RAppArmor/inst/profiles/suse/usr.bin.r
RAppArmor/inst/profiles/suse/rapparmor
RAppArmor/inst/profiles/suse/rapparmor.d
RAppArmor/inst/profiles/suse/rapparmor.d/r-user
RAppArmor/inst/profiles/suse/rapparmor.d/r-base
RAppArmor/inst/profiles/suse/rapparmor.d/r-compile
RAppArmor/inst/profiles/suse/rapparmor.d/testprofile
RAppArmor/inst/profiles/debian
RAppArmor/inst/profiles/debian/usr.bin.r
RAppArmor/inst/profiles/debian/rapparmor
RAppArmor/inst/profiles/debian/rapparmor.d
RAppArmor/inst/profiles/debian/rapparmor.d/r-user
RAppArmor/inst/profiles/debian/rapparmor.d/r-base
RAppArmor/inst/profiles/debian/rapparmor.d/r-compile
RAppArmor/inst/profiles/debian/rapparmor.d/testprofile
RAppArmor/inst/CITATION
RAppArmor/inst/doc
RAppArmor/inst/doc/v55i07.pdf.asis
RAppArmor/inst/doc/v55i07.pdf
RAppArmor/tests
RAppArmor/tests/run-all.R
RAppArmor/tests/testthat
RAppArmor/tests/testthat/helper-pretest.R
RAppArmor/tests/testthat/test-priority.R
RAppArmor/tests/testthat/test-apparmor.R
RAppArmor/tests/testthat/test-rlimit_memory.R
RAppArmor/tests/testthat/test-affinity.R
RAppArmor/tests/testthat/README
RAppArmor/tests/testthat/test-root.R
RAppArmor/tests/testthat/test-rlimit_cpu.R
RAppArmor/tests/testthat/test-rlimit_nproc.R
RAppArmor/src
RAppArmor/src/rlimits.c
RAppArmor/src/affinity.c
RAppArmor/src/process.c
RAppArmor/src/Makevars.in
RAppArmor/src/apparmor.c
RAppArmor/NAMESPACE
RAppArmor/NEWS
RAppArmor/R
RAppArmor/R/onAttach.R RAppArmor/R/unittests.R RAppArmor/R/eval.secure.R RAppArmor/R/userinfo.R RAppArmor/R/apparmor.R RAppArmor/R/rlimits.R RAppArmor/R/process.R RAppArmor/R/affinity.R
RAppArmor/vignettes
RAppArmor/vignettes/v55i07.pdf.asis
RAppArmor/MD5
RAppArmor/build
RAppArmor/build/vignette.rds
RAppArmor/DESCRIPTION
RAppArmor/configure
RAppArmor/man
RAppArmor/man/affinity.Rd RAppArmor/man/unittests.Rd RAppArmor/man/aa_is_enabled.Rd RAppArmor/man/aa_getcon.Rd RAppArmor/man/aa_change_hat.Rd RAppArmor/man/eval.secure.Rd RAppArmor/man/rlimit.Rd RAppArmor/man/aa_find_mountpoint.Rd RAppArmor/man/process.Rd RAppArmor/man/aa_change_profile.Rd RAppArmor/man/userinfo.Rd
RAppArmor/tools
RAppArmor/tools/readme.txt
RAppArmor/tools/debian
RAppArmor/tools/debian/postrm
RAppArmor/tools/debian/postinst
RAppArmor/tools/debian/rules
RAppArmor/tools/debian/install
RAppArmor/tools/debian/control
RAppArmor/tools/debian/changelog
RAppArmor/tools/debian/copyright

Questions? Problems? Suggestions? or email at ian@mutexlabs.com.

Please suggest features or report bugs with the GitHub issue tracker.

All documentation is copyright its authors; we didn't write any of that.