If its possible to apply SELinux policies to unix device files, would that be a problem?
I would like to apply a policy to a process and enforce what it can communicate with device-wise (eg. physical network interface port) based on that policy.
Would think that the "selinux-policy-mls" tool could give me that level of segmentation with SELinux?
Thoughts/suggestions?