From: russell@coker.com.au (Russell Coker) Date: Tue, 7 Oct 2008 09:49:08 +1000 Subject: [refpolicy] ipmi port Message-ID: <200810071049.11443.russell@coker.com.au> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com network_port(ipmi, udp,623,s0, udp,664,s0) I suggest that we have port labelling such as the above for the IPMI ports (it seems that the most commonly used IPMI port is 623 while port 664 is also used). While the potential for security benefits are minimal (the OS can't usefully run a server for the IPMI protocol). http://etbe.coker.com.au/2008/10/07/rpc-and-se-linux/ I've written about the issue at the above URL. -- russell at coker.com.au http://etbe.coker.com.au/ My Blog http://www.coker.com.au/sponsorship.html Sponsoring Free Software development