Application whitelisting in RHEL
Issue
- We are looking to apply an
application whitelisting
mechanism in RHEL workstations, where users are allowed to run certain binaries, while running anything else is not allowed. For example, trusted applications, let's say gedit, is allowed, while running applications/scripts that are not whitelisted will be rejected.SELinux
is abehavioral whitelisting
, not sure ifApplication whitelisting
is feasible. - Is there any mechanism to apply such thing in RHEL? and products in the market you're aware of that performs something similar?
- Restrict the execution of executable and script.
- Does application server whitelist or control executable and script executor such as
Microsoft Applocker
, CLI setups to restrict the execution of executable and script to an approved set and authorised individuals?
Environment
- Red Hat Enterprise Linux (RHEL)
- 7.x
- 8.x
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.