On Thu, 2012-02-23 at 14:37 -0800, Vu, Joseph wrote:
> I am trying to create a policy with a port type. I want to control another process type allowing it to connect to a port and read only. No writing is allowed.
>
> Does the port type have other control besides name_bind?

Not for UDP. However:
- You can control read/write to self:udp_socket.
- You could use SECMARK to label the packets and control via the :packet send/recv permissions instead.

--
Stephen Smalley
National Security Agency
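
The two options in the reply, sketched as a policy module fragment. This is an added example, not part of the original message and not code from the SELinux project. The types reader_t, feed_port_t and feed_packet_t, the module name and UDP port 5000 are all hypothetical, and the rules a complete domain needs (entrypoint, node and netif access) are assumed to exist elsewhere.

```selinux
# Added illustration: receive-only UDP access for one domain.
module udp_readonly 1.0;

require {
    class udp_socket { create bind getattr setopt read write name_bind };
    class packet { send recv };
}

type reader_t;       # hypothetical: domain of the confined process
type feed_port_t;    # hypothetical: type assigned to UDP port 5000
type feed_packet_t;  # hypothetical: type SECMARK assigns to the packets

# Port type: for UDP the only port-level permission is name_bind.
allow reader_t feed_port_t:udp_socket name_bind;

# Option 1: permissions on the domain's own UDP sockets.
# "read" is granted and "write" is not, so receiving works and
# sending on any udp_socket the domain creates is denied.
# This applies to all of the domain's UDP sockets, not to one port.
allow reader_t self:udp_socket { create bind getattr setopt read };

# Option 2: per-packet control through SECMARK.
# Packets are labelled by netfilter rules such as these (run as root;
# port 5000 is a constructed value):
#   iptables -t mangle -A INPUT  -p udp --dport 5000 \
#       -j SECMARK --selctx system_u:object_r:feed_packet_t:s0
#   iptables -t mangle -A OUTPUT -p udp --sport 5000 \
#       -j SECMARK --selctx system_u:object_r:feed_packet_t:s0
# "recv" is granted and "send" is not, so the domain can receive
# packets carrying this label but cannot transmit them.
allow reader_t feed_packet_t:packet recv;
```

Once any SECMARK rule is loaded, packets that match no rule are checked as unlabeled_t, so the rest of the policy must allow other domains :packet send/recv on unlabeled_t.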