tags:

views:

12

answers:

0
Q: 

SElinux integrety check

How can i check (with SELinux) access to the file by process name?

For examle: we have 2 process: * /usr/bin/foo1 * /usr/bin/foo2

They are run under account with username userA and try to open for modify file:

  • /home/userA/test.txt

I want that if foo1 try to open file - it's ok. But if foo2 try to open this file - i have message about this in /var/log

Problem is that both processes have the same user ID. And i cant use RBAC by username.

related questions

Giving a unix process exclusive RW access to a directory
Can't access to a user jailed by Jailkit
Why am I getting a SegFault when I call pdftk from PHP/Apache but not PHP/CLI or directly
PHP Write Permission - FC13
Run Apache on port 81 with SeLinux Off
SELinux Prevents Java from Running
Log files not being written to (Passenger)
Is there a way to build a libxml2 without text relocations on Linux?
SELinux, Fedora, and Trusted Applet crashing?
SELinux and JAVA
How do you automate the launching/debugging of large scale projects?
How to debug an issue of cron's not executing a given script -- or other?
LDAP won't update if cached data exists
Best security practices in Linux
Is it possible to limit standard streams available to linux at the process level?
Do you disable SELinux?