Security outside of SElinux?
Jeff Barnes
hybridjeffbarnes at sbcglobal.net
Thu Jan 29 19:26:24 UTC 2009
Are there commands with this functionality in Fedora?
If not what would it take to make them happen in general?
Reasons would be ease of security application and another reason is
that Enterprise has restrictions on altering SElinux policies
which effect warranty. If this functionality were a logic binary AND
with SELinux then we would not ever need to change default SElinux
policies.
________________________________________________________________
/sbin/PORTS_ALLOW_FOR_USER username list of ports
/sbin/PORTS_DENY_FOR_USER username list of ports
/sbin/LIST_ALLOWED_PORTS_FOR_USER username
/sbin/PORTS_ALLOW_FOR_FILE filename list of ports
/sbin/PORTS_DENY_FOR_FILE filename list of ports
/sbin/LIST_ALLOWED_PORTS_FOR_FILE filename
/sbin/PORTS_ALLOW_FOR_PROCESS processID list of ports
/sbin/PORTS_DENY_FOR_PROCESS processID list of ports
/sbin/LIST_ALLOWED_PORTS_FOR_PROCESS processID
___________________________________________________________________________
/sbin/PRIVILEGES_ALLOW_FOR_USER username list_of_privileges_or_levels
/sbin/PRIVILEGES_DENY_FOR_USER username list_of_privileges_or_levels
/sbin/LIST_ALLOWED_PRIVS_FOR_USER username list_of_privileges_or_levels
/sbin/PRIVILEGES_ALLOW_FOR_FILE filename list_of_privileges
/sbin/PRIVILEGES_DENY_FOR_FILE filename list_or_privileges
/sbin/LIST_ALLOWED_PRIVILIGES_FOR_FILE filename
/sbin/PRIVILEGES_ALLOW_FOR_PROCESS processnameID list_of_privileges
/sbin/PRIVILEGES_DENY_FOR_PROCESS processnameID list_of_privileges
/sbin/LIST_ALLOWED_PRIVILEGES_FOR_PROCESS processID
_____________________________________________________________________________
More information about the Fedora-security-list
mailing list