Hi, Does SELinux provide any sort of mechanism for blocking exec on commands based on their command line arguments? The proposed use case goes a little like this, allow 'wget' to access 'http://good-server-1/*' and 'http://good-server-2/*' but block access to other hostnames and log the access type. I understand there are probably other ways to achieve this but am wondering if it is possible just using SELinux? Thanks Ville Baillie Software Engineer ByteSnap Design Ltd | 2 Devon Way | Longbridge Technology Park | Birmingham | B31 2TS _______________________________________________ Selinux mailing list Selinux@xxxxxxxxxxxxx To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
