Expand description
Stream capability and security policy model.
The kernel defines the capability contract (CapabilityName) and the
expression graph (Expr); this module supplies the concrete streaming-fabric
capabilities a stream may exercise and the policy that bounds remote access
and redacts sensitive payloads. StreamSecurityCapability names the gated
operations, StreamRemoteLimits bounds what a remote boundary may carry,
StreamSecurityPolicy inspects expressions for leaked secrets, and
StreamRedactionFinding records what a redaction scan caught.
Structs§
- Stream
Remote Limits - Quantitative bounds a stream must respect when it crosses a remote boundary.
- Stream
Security Policy - Security policy applied to stream payloads that leave the local boundary.
Enums§
- Stream
Redaction Finding - Category of sensitive content a redaction scan can flag in a payload.
- Stream
Security Capability - Concrete capability a stream may exercise, gated against the kernel capability contract.
Functions§
- stream_
cancel_ capability - Returns the capability name gating cancelling a stream.
- stream_
host_ device_ capability - Returns the capability name gating host device access.
- stream_
lan_ midi_ capability - Returns the capability name gating LAN MIDI access.
- stream_
open_ capability - Returns the capability name gating opening a stream.
- stream_
push_ capability - Returns the capability name gating pushing into a stream.
- stream_
read_ capability - Returns the capability name gating reading from a stream.
- stream_
redaction_ finding_ symbols - Returns the qualified symbols for every redaction finding category.
- stream_
remote_ network_ capability - Returns the capability name gating remote network access.
- stream_
remote_ preview_ capability - Returns the capability name gating remote stream preview.
- stream_
remote_ render_ capability - Returns the capability name gating remote stream render.
- stream_
security_ capabilities - Returns the full set of stream security capabilities in declaration order.
- stream_
security_ capability_ names - Returns the kernel capability names for every stream security capability.
- stream_
stats_ capability - Returns the capability name gating reading stream statistics.