Hello, On Fri, Apr 27, 2018 at 4:31 PM, Stephen Smalley <s...@tycho.nsa.gov> wrote:
> See: > https://github.com/SELinuxProject/selinux-kernel/issues/21 > https://bugzilla.redhat.com/show_bug.cgi?id=1168044 > OK. So currently, it's not possible to write a policy item which allows connections to sockets on the loopback interface only. In that case, I'll work on a patch proposal for a boolean to activate this: allow tomcat_t smtp_port_t:tcp_socket name_connect; -- Regards, Troels Arvin