RAppArmor: Bindings to AppArmor and Security Related Linux Tools

Share:

Bindings to various methods in the kernel for enforcing security restrictions. AppArmor can apply mandatory access control (MAC) policies on a given task (process) via security profiles with detailed ACL definitions. In addition the package has kernel bindings for setting the process hardware resource limits (rlimit), uid, gid, affinity and priority. The high level R function 'eval.secure' builds on these methods to do dynamic sandboxing: it evaluates a single R expression within a temporary fork which acts as a sandbox by enforcing fine grained restrictions without affecting the main R process. Recent versions on this package can also be installed on systems without libapparmor, in which case some features are automatically disabled.

Author
Jeroen Ooms
Date of publication
2016-05-17 21:34:04
Maintainer
Jeroen Ooms <jeroen.ooms@stat.ucla.edu>
License
Apache License (== 2.0)
Version
2.0.2
URLs

View on CRAN

Man pages

aa_change_hat
Change hats
aa_change_profile
Change profiles
aa_find_mountpoint
Find the apparmor mountpoint
aa_getcon
Get AppArmor confinement context for the current task
aa_is_enabled
Check if AppArmor is Enabled
affinity
Process affinity manipulation
eval.secure
Secure evaluation
process
Unix Process Utilities
rlimit
Resource Limits
unittests
RAppArmor unit tests
userinfo
Lookup user info

Files in this package

RAppArmor
RAppArmor/inst
RAppArmor/inst/profiles
RAppArmor/inst/profiles/suse
RAppArmor/inst/profiles/suse/usr.bin.r
RAppArmor/inst/profiles/suse/rapparmor
RAppArmor/inst/profiles/suse/rapparmor.d
RAppArmor/inst/profiles/suse/rapparmor.d/r-user
RAppArmor/inst/profiles/suse/rapparmor.d/r-base
RAppArmor/inst/profiles/suse/rapparmor.d/r-compile
RAppArmor/inst/profiles/suse/rapparmor.d/testprofile
RAppArmor/inst/profiles/debian
RAppArmor/inst/profiles/debian/usr.bin.r
RAppArmor/inst/profiles/debian/rapparmor
RAppArmor/inst/profiles/debian/rapparmor.d
RAppArmor/inst/profiles/debian/rapparmor.d/r-user
RAppArmor/inst/profiles/debian/rapparmor.d/r-base
RAppArmor/inst/profiles/debian/rapparmor.d/r-compile
RAppArmor/inst/profiles/debian/rapparmor.d/testprofile
RAppArmor/inst/CITATION
RAppArmor/inst/doc
RAppArmor/inst/doc/v55i07.pdf.asis
RAppArmor/inst/doc/v55i07.pdf
RAppArmor/tests
RAppArmor/tests/run-all.R
RAppArmor/tests/testthat
RAppArmor/tests/testthat/helper-pretest.R
RAppArmor/tests/testthat/test-priority.R
RAppArmor/tests/testthat/test-apparmor.R
RAppArmor/tests/testthat/test-rlimit_memory.R
RAppArmor/tests/testthat/test-affinity.R
RAppArmor/tests/testthat/README
RAppArmor/tests/testthat/test-root.R
RAppArmor/tests/testthat/test-rlimit_cpu.R
RAppArmor/tests/testthat/test-rlimit_nproc.R
RAppArmor/src
RAppArmor/src/rlimits.c
RAppArmor/src/affinity.c
RAppArmor/src/process.c
RAppArmor/src/Makevars.in
RAppArmor/src/apparmor.c
RAppArmor/NAMESPACE
RAppArmor/NEWS
RAppArmor/R
RAppArmor/R/onAttach.R
RAppArmor/R/unittests.R
RAppArmor/R/eval.secure.R
RAppArmor/R/userinfo.R
RAppArmor/R/apparmor.R
RAppArmor/R/rlimits.R
RAppArmor/R/process.R
RAppArmor/R/affinity.R
RAppArmor/vignettes
RAppArmor/vignettes/v55i07.pdf.asis
RAppArmor/MD5
RAppArmor/build
RAppArmor/build/vignette.rds
RAppArmor/DESCRIPTION
RAppArmor/configure
RAppArmor/man
RAppArmor/man/affinity.Rd
RAppArmor/man/unittests.Rd
RAppArmor/man/aa_is_enabled.Rd
RAppArmor/man/aa_getcon.Rd
RAppArmor/man/aa_change_hat.Rd
RAppArmor/man/eval.secure.Rd
RAppArmor/man/rlimit.Rd
RAppArmor/man/aa_find_mountpoint.Rd
RAppArmor/man/process.Rd
RAppArmor/man/aa_change_profile.Rd
RAppArmor/man/userinfo.Rd
RAppArmor/tools
RAppArmor/tools/readme.txt
RAppArmor/tools/debian
RAppArmor/tools/debian/postrm
RAppArmor/tools/debian/postinst
RAppArmor/tools/debian/rules
RAppArmor/tools/debian/install
RAppArmor/tools/debian/control
RAppArmor/tools/debian/changelog
RAppArmor/tools/debian/copyright