package restricted

You can search for identifiers within the package.

in-package search v0.2.0

restricted
- CHANGELOG
- README
- Library restricted
  - Restricted
    
    SystemOperation
    
    PathAccess
    
    PathPermission
- Sources
  - restricted
    
    openbsd.ml
    
    pledge.ml
    
    restricted.ml
    
    restricted__.ml
    
    types.ml
    
    unveil.ml
    
    util.ml

Legend:
Page
Library
Module
Module type
Parameter
Class
Class type
Source

restricted

Restrict possible system operations and filesystem view of your program. Try to call it as soon as possible in your program. Actual restricted calls currently implemented for these operating systems:

OpenBSD

Even if your operating system is not currently actually implemented, you can still call restricted to make transparent to your users which privileges your program needs and your users can test these promises with tools like pledge on Linux. Enjoy ;)

Usage and Examples

opam install restricted

Contribute

Feel free to open issues and pull requests, especially tests are more than welcome.

Dependencies

for build and installation: OCaml, Dune
for development: OCaml, Dune, ppx_inline_test, ocamlformat, make, shellcheck, shfmt

inspired by

https://codeberg.org/semarie/ocaml-openbsd
https://www.openbsd.org/

Thanks.

LICENSE

This work is licensed only under the GNU Affero General Public License version 3 (AGPLv3). See the LICENSE file for details.