Hi, Does SELinux provide any sort of mechanism for blocking exec on commands based on their command line arguments?
The proposed use case goes a little like this, allow 'wget' to access 'http://good-server-1/*' and 'http://good-server-2/*' but block access to other hostnames and log the access type. I understand there are probably other ways to achieve this but am wondering if it is possible just using SELinux? Thanks Ville Baillie Software Engineer ByteSnap Design Ltd | 2 Devon Way | Longbridge Technology Park | Birmingham | B31 2TS _______________________________________________ Selinux mailing list [email protected] To unsubscribe, send email to [email protected]. To get help, send an email containing "help" to [email protected].
