Application whitelisting in RHEL

Solution Verified - Updated -

Issue

  • We are looking to apply an application whitelisting mechanism in RHEL workstations, where users are allowed to run certain binaries, while running anything else is not allowed. For example, trusted applications, let's say gedit, is allowed, while running applications/scripts that are not whitelisted will be rejected. SELinux is a behavioral whitelisting, not sure if Application whitelisting is feasible.
  • Is there any mechanism to apply such thing in RHEL? and products in the market you're aware of that performs something similar?
  • Restrict the execution of executable and script.
  • Does application server whitelist or control executable and script executor such as Microsoft Applocker, CLI setups to restrict the execution of executable and script to an approved set and authorised individuals?

Environment

  • Red Hat Enterprise Linux (RHEL)
    • 7.x
    • 8.x

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content