Documentation ¶
Index ¶
Constants ¶
View Source
const ( PolicyDefaultDisallow policy = iota PolicyDefaultAllow )
Variables ¶
View Source
var ( Times [5000]int64 Times_c = 0 )
Temp for printing.
View Source
var ErrPermissionManagerViolation = errors.New("permission manager violation")
Functions ¶
func NewHookManager ¶
func NewHookManager(pm *PermissionsManager) (*hookManager, error)
Types ¶
type AccessMetadata ¶
type AccessMetadata struct { DirectPkg string `json:"direct"` CallerPkg string `json:"caller"` ResType ResourceType `json:"resourceType"` ResName string `json:"resourceName"` Access Access `json:"access"` Trace []Frame `json:"frames"` // contains filtered or unexported fields }
func (*AccessMetadata) ToJSON ¶
func (s *AccessMetadata) ToJSON() (string, error)
type Config ¶
type Config struct { Version *int `yaml:"version"` Default *policy `yaml:"default"` Permissions *perms `yaml:"permissions"` }
func NewConfigFromData ¶
type PermissionManagerCb ¶
type PermissionManagerCb interface { OnAccessDenied(s *AccessMetadata) error OnAccessGranted(s *AccessMetadata) }
type PermissionsManager ¶
type PermissionsManager struct {
// contains filtered or unexported fields
}
func NewPermissionManagerFromData ¶
func NewPermissionManagerFromData(data []byte, cb PermissionManagerCb) (*PermissionsManager, error)
func NewPermissionManagerFromFile ¶
func NewPermissionManagerFromFile(file string, cb PermissionManagerCb) (*PermissionsManager, error)
func (*PermissionsManager) OnAccess ¶
func (pm *PermissionsManager) OnAccess(key string, matches permMatches, resType ResourceType, req Access) error
TODO: callback
type ResourceType ¶
type ResourceType int
const ( ResourceTypeEnv ResourceType = iota ResourceTypeFs ResourceTypeNet // ResourceTypeRpc ResourceTypeProcess )
Click to show internal directories.
Click to hide internal directories.