This package implements R functions that interface to various methods in the Linux kernel related to enforcing security restrictions on a certain task (process). The package can apply mandatory access control (MAC) policies by loading an apparmor profile, and set hardware limits (rlimit), uid, gid, affinity and priority of the current process, directly from within R. The high level function eval.secure builds on these foundations to support dynamic sandboxing: it evaluates a single expression in a temporary fork with hard security restrictions and hardware limits without any side effects on the main R session.
| Version: | 1.0.1 |
| Imports: | parallel, tools, methods |
| Suggests: | testthat |
| OS_type: | unix |
| Published: | 2013-12-18 |
| Author: | Jeroen Ooms |
| Maintainer: | Jeroen Ooms <jeroen.ooms at stat.ucla.edu> |
| BugReports: | http://github.com/jeroenooms/RAppArmor/issues |
| License: | GPL-2 | GPL-3 | Apache License version 2.0 [expanded from: GPL | Apache License (== 2.0)] |
| URL: | http://www.jstatsoft.org/v55/i07/ http://github.com/jeroenooms/RAppArmor#readme |
| NeedsCompilation: | yes |
| SystemRequirements: | libapparmor-dev, linux (>= 3.0) |
| Citation: | RAppArmor citation info |
| Materials: | NEWS |
| CRAN checks: | RAppArmor results |
| Reference manual: | RAppArmor.pdf |
| Vignettes: |
Enforcing Security Policies Using Dynamic Sandboxing on Linux |
| Package source: | RAppArmor_1.0.1.tar.gz |
| Windows binaries: | r-devel: not available, r-release: not available, r-oldrel: not available |
| OS X Snow Leopard binaries: | r-release: not available, r-oldrel: not available |
| OS X Mavericks binaries: | r-release: not available |
| Old sources: | RAppArmor archive |
| Reverse suggests: | opencpu |