Label eth0 with a MCS security category?
Jason Shaw
js44352 at gmail.com
Fri Aug 21 21:25:47 UTC 2009
In FC-11, under the targeted policy, is it possible to label an ethernet
interface (such as eth0, eth1) with a specific MCS category?
Example:
1) Use semanage to assign user1 to s0:c5
3) Assign eth0 to s0:c4 (Can this be done?)
4) Assign eth1 to s0:c5
Desired result: if user1 tries to ping -I eth1 <ip_address> the ping command
will work (as both eth1 and user1 have category c5). If user1 tries to ping
-I eth0 <ip_address>, the ping command will not work (category mismatch
between user and eth1).
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/fedora-selinux-list/attachments/20090821/24e59b84/attachment.htm>
More information about the fedora-selinux-list
mailing list