I have recently learned about using "meta skgid" and "meta skuid" to limit network access based on primary group and user id. I would like to ensure that a user can only connect to sockets where the uid of the running process matches that user. Example: User A starts web server process on port 8000 in 1 shell User A logs into the same host in another shell. Processes running in this shell should be able to access localhost:8000 User B logs into the same host . Processes running in this shell should be denied access to localhost:8000. Ideally I'd like to allow the users access to certain common ports under 1024 and any local ports that they create processes on themselves. Is this something that netfilter can provide? Thank you for your time Jon Schewe
