RAppArmor: Bindings to AppArmor and Security Related Linux Tools
Bindings to various methods in the kernel for enforcing security
restrictions. AppArmor can apply mandatory access control (MAC) policies on
a given task (process) via security profiles with detailed ACL definitions.
In addition the package has kernel bindings for setting the process hardware
resource limits (rlimit), uid, gid, affinity and priority. The high level R
function 'eval.secure' builds on these methods to do dynamic sandboxing:
it evaluates a single R expression within a temporary fork which acts as a
sandbox by enforcing fine grained restrictions without affecting the main R
process. Recent versions on this package can also be installed on systems
without libapparmor, in which case some features are automatically disabled.
Please use the canonical form
to link to this page.