-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Paul Howarth wrote: > On Sat, 18 Oct 2008 12:34:53 +0000 > lionel ong <odin743@xxxxxxxxxxx> wrote: > >>> Date: Sat, 18 Oct 2008 13:25:59 +0100> From: paul@xxxxxxxxxxxx> To: >>> odin743@xxxxxxxxxxx> CC: fedora-selinux-list@xxxxxxxxxx> Subject: >>> Re: Question on SELinux> > On Sat, 18 Oct 2008 09:55:26 +0000> >>> lionel ong <odin743@xxxxxxxxxxx> wrote:> > > > Port 80 is the port >>> that the websites firefox connects to use; if you> prevent firefox >>> from connecting to websites on port 80 it's just not> going to work >>> at all, unless you're trying to force it through a proxy> on a >>> different port perhaps?> > Paul. >> Hi, yes I understand that the firefox will fail to work, but I am >> just trying out the things policies can do, it's ok if firefox fails. >> Do you know how I could stop firefox from using Port 80 and uses some >> other port? Regards, Lionel > > I've never done anything like that but I guess a good starting point > would be xguest (see http://danwalsh.livejournal.com/14778.html) and > tweaking policy from there. > > Paul. > > -- > fedora-selinux-list mailing list > fedora-selinux-list@xxxxxxxxxx > https://www.redhat.com/mailman/listinfo/fedora-selinux-list Start with the following policy and add ports that you would allow. policy_module(myuser, 1.0.0) role myuser_r; userdom_restricted_xwindows_user_template(muser) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iEYEARECAAYFAkkCIaMACgkQrlYvE4MpobMHUACfRYAnQt1HjrRnhnGx3RpAceBB FpAAnjWNh+MT9FVknPHpudyQ9reTvZ5+ =Jtwr -----END PGP SIGNATURE----- -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
