-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 04/15/2011 12:16 PM, Christoph A. wrote:
Hi,
I'd like to redirect traffic (for transparent proxying) coming from a
program running in a sandbox_net_t (or sandbox_web_t) sandbox, but as
far as I've seen there is no possibility to match/mark packets based on
there local security context origin.
Is that idea somehow possible?
thanks,
Christoph A.
--
selinux mailing list
selinux(a)lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux
I am not sure about proxying, but you can force all packets from the
sandbox to go to a proxy server and block them if they tried to go direct.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora -
http://enigmail.mozdev.org/
iEYEARECAAYFAk2ocRoACgkQrlYvE4MpobOghQCfXCVcsFSlb7PLnvQoJnEVist5
sfoAnA2vNM1AWgwopCC+haney3Y7hdC6
=FJCo
-----END PGP SIGNATURE-----