Greetings.&nbsp; <br><br>My understanding is that RPM packages will be able to install policy modules in FC5, an improvement over a monolithic policy.&nbsp; I have a couple of questions about the implementation:<br><br>1.&nbsp; Is it possible to provide a temporary policy (either external, or with an RPM) that constains what the specific RPM's installation can do?&nbsp; 
<br><br>The motivation here is that when I install an RPM, it would be nice if I would be able to get a declarative list of what the RPM wants access to do.&nbsp; The RPM tool might summarize before installing the package what the package will be allowed to do, by parsing this &quot;installation sandbox&quot; policy.
<br><br>2.&nbsp; Is it possible to limit (or discover easily in advance) what changes to the system policy are being made by the RPM's policy modules?<br><br>The motivation being that I want to be sure that the policy modules installed by an RPM are well behaved concerning overall system constraints.
<br><br>Apologies in advance if these questions are way off-base, or belong somewhere else.<br><br>Thanks for your thoughts,<br>Ben<br>