Skip to main content

Module security

Module security 

Source
Expand description

Stream capability and security policy model.

The kernel defines the capability contract (CapabilityName) and the expression graph (Expr); this module supplies the concrete streaming-fabric capabilities a stream may exercise and the policy that bounds remote access and redacts sensitive payloads. StreamSecurityCapability names the gated operations, StreamRemoteLimits bounds what a remote boundary may carry, StreamSecurityPolicy inspects expressions for leaked secrets, and StreamRedactionFinding records what a redaction scan caught.

Structs§

StreamRemoteLimits
Quantitative bounds a stream must respect when it crosses a remote boundary.
StreamSecurityPolicy
Security policy applied to stream payloads that leave the local boundary.

Enums§

StreamRedactionFinding
Category of sensitive content a redaction scan can flag in a payload.
StreamSecurityCapability
Concrete capability a stream may exercise, gated against the kernel capability contract.

Functions§

stream_cancel_capability
Returns the capability name gating cancelling a stream.
stream_host_device_capability
Returns the capability name gating host device access.
stream_lan_midi_capability
Returns the capability name gating LAN MIDI access.
stream_open_capability
Returns the capability name gating opening a stream.
stream_push_capability
Returns the capability name gating pushing into a stream.
stream_read_capability
Returns the capability name gating reading from a stream.
stream_redaction_finding_symbols
Returns the qualified symbols for every redaction finding category.
stream_remote_network_capability
Returns the capability name gating remote network access.
stream_remote_preview_capability
Returns the capability name gating remote stream preview.
stream_remote_render_capability
Returns the capability name gating remote stream render.
stream_security_capabilities
Returns the full set of stream security capabilities in declaration order.
stream_security_capability_names
Returns the kernel capability names for every stream security capability.
stream_stats_capability
Returns the capability name gating reading stream statistics.