Safe Haskell | None |
---|
The implementation of security restrictions
- setLimits :: LimitSettings -> IO ()
- setRLimits :: RLimits -> IO ()
- chroot :: FilePath -> IO ()
- changeUserID :: UserID -> IO ()
- setCGroup :: LimitSettings -> ProcessID -> IO ()
- setupSELinuxCntx :: SecurityContext -> IO ()
- processTimeout :: ProcessID -> Int -> IO ()
Apply restrictions
setLimits :: LimitSettings -> IO ()Source
Apply the LimitSettings
Individual limits
setRLimits :: RLimits -> IO ()Source
Set rlimits using setrlimit syscall
changeUserID :: UserID -> IO ()Source
Change the uid of the current process
:: LimitSettings | |
-> ProcessID | The ID of a process to be added to the group |
-> IO () |
Add a process to a cgroup
setupSELinuxCntx :: SecurityContext -> IO ()Source
Set the security context. To be more precise, it only sets up the type. Example usage:
setupSELinuxCntx "my_restricted_t"
Waits for a certain period of time and then kills the process