Are there commands with this functionality in Fedora? If not what would it take to make them happen in general? Reasons would be ease of security application and another reason is that Enterprise has restrictions on altering SElinux policies which effect warranty. If this functionality were a logic binary AND with SELinux then we would not ever need to change default SElinux policies. ________________________________________________________________ /sbin/PORTS_ALLOW_FOR_USER username list of ports /sbin/PORTS_DENY_FOR_USER username list of ports /sbin/LIST_ALLOWED_PORTS_FOR_USER username /sbin/PORTS_ALLOW_FOR_FILE filename list of ports /sbin/PORTS_DENY_FOR_FILE filename list of ports /sbin/LIST_ALLOWED_PORTS_FOR_FILE filename /sbin/PORTS_ALLOW_FOR_PROCESS processID list of ports /sbin/PORTS_DENY_FOR_PROCESS processID list of ports /sbin/LIST_ALLOWED_PORTS_FOR_PROCESS processID ___________________________________________________________________________ /sbin/PRIVILEGES_ALLOW_FOR_USER username list_of_privileges_or_levels /sbin/PRIVILEGES_DENY_FOR_USER username list_of_privileges_or_levels /sbin/LIST_ALLOWED_PRIVS_FOR_USER username list_of_privileges_or_levels /sbin/PRIVILEGES_ALLOW_FOR_FILE filename list_of_privileges /sbin/PRIVILEGES_DENY_FOR_FILE filename list_or_privileges /sbin/LIST_ALLOWED_PRIVILIGES_FOR_FILE filename /sbin/PRIVILEGES_ALLOW_FOR_PROCESS processnameID list_of_privileges /sbin/PRIVILEGES_DENY_FOR_PROCESS processnameID list_of_privileges /sbin/LIST_ALLOWED_PRIVILEGES_FOR_PROCESS processID _____________________________________________________________________________ -- Fedora-security-list mailing list Fedora-security-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-security-list