Learning with partial restrictions?

Discuss usability issues, general maintenance, and general support issues for a grsecurity-enabled system.

Post by Undine » Wed Nov 16, 2011 5:17 am

Hello,
Is it possible to have a subject in the policy with learning mode enabled for it, while this subject is unable to use the network at all (bind and connect disabled)?
Thanks.
Undine
 
Posts: 46
Joined: Thu Sep 08, 2011 7:08 am

Re: Learning with partial restrictions?

Post by spender » Wed Nov 16, 2011 11:19 am

It's not possible within RBAC to partially restrict a subject under learning. There exist netfilter modules to deny traffic in/out of specific processes though.

-Brad
spender
 
Posts: 2185
Joined: Wed Feb 20, 2002 8:00 pm

Re: Learning with partial restrictions?

Post by Undine » Thu Nov 17, 2011 10:41 pm

OK. And a similar question: there is a role with learning enabled. Will existing subjects for that role (specified after the role definition) still work, or will they be ignored?
Thanks.
Undine
 
Posts: 46
Joined: Thu Sep 08, 2011 7:08 am

Re: Learning with partial restrictions?

Post by spender » Thu Nov 17, 2011 10:59 pm

They'll be ignored. The role-based learning performs full learning on a single role -- it decides what subjects need to be created.

-Brad
spender
 
Posts: 2185
Joined: Wed Feb 20, 2002 8:00 pm

Re: Learning with partial restrictions?

Post by Undine » Fri Nov 18, 2011 5:49 am

Okay, got it now. Thanks!
Undine
 
Posts: 46
Joined: Thu Sep 08, 2011 7:08 am

