An Acl Policy to effect only One Program (Skype)?
Posted: Fri Dec 09, 2005 12:27 amI am the only user on my computer (2.6.4-3 grsec kernel)
and find that using a learning generated grsec acl policy limits my use of the
computer.
In fact the only program which I wish to limit using grsec is Skype.
Unfortunately Skype will not run unless I use chpax to to disable the Pax
features for Skype, so the only protection that I can use is from the acl
policy.
Is it possible to generate an acl policy that essentially leaves everything
alone except for Skype? I have the acl rules that I want for Skype, but
don't know how to set up the rest of the policy file so that I am not
shackled
with the many other things that I wish to do on my computer.
and find that using a learning generated grsec acl policy limits my use of the
computer.
In fact the only program which I wish to limit using grsec is Skype.
Unfortunately Skype will not run unless I use chpax to to disable the Pax
features for Skype, so the only protection that I can use is from the acl
policy.
Is it possible to generate an acl policy that essentially leaves everything
alone except for Skype? I have the acl rules that I want for Skype, but
don't know how to set up the rest of the policy file so that I am not
shackled
with the many other things that I wish to do on my computer.