restricted-workers-0.1.1: Running worker processes under system resource restrictions

Safe HaskellNone

System.Restricted.Limits

Contents

Description

The implementation of security restrictions

Synopsis

Apply restrictions

Individual limits

setRLimits :: RLimits -> IO ()Source

Set rlimits using setrlimit syscall

chroot :: FilePath -> IO ()Source

Set the chroot jail

changeUserID :: UserID -> IO ()Source

Change the uid of the current process

setCGroupSource

Arguments

:: LimitSettings 
-> ProcessID

The ID of a process to be added to the group

-> IO () 

Add a process to a cgroup

setupSELinuxCntx :: SecurityContext -> IO ()Source

Set the security context. To be more precise, it only sets up the type. Example usage:

 setupSELinuxCntx "my_restricted_t"

processTimeoutSource

Arguments

:: ProcessID

ID of a process to be killed

-> Int

Time limit (in seconds)

-> IO () 

Waits for a certain period of time and then kills the process