FBAC-LSM is a security mechanism for Linux which retricts applications based on the features they provide, such as "Web Browser" or "Image Editor". By restricting the actions of applications, the damage which can be caused by malware or software vulnerabilities can be significantly reduced. Reusable policy abstractions, known as functionalities, can be used to grant the authority to perform high level features (for example using the Web_Browser functionality) or lower level features (such as using the HTTP_Client functionality) or to grant privileges to access any specified resources. Functionalities are parameterized, which allows them to be adapted to the needs of specific applications. Functionalities are also hierarchical; that is, functionalities can contain other functionalities.
timekpr will track and control the computer usage of your user accounts. You can limit their daily usage based on a timed access duration and configure periods of day when they can or cannot log in. With this application, administrators can limit account login time duration or account access hours. It has support for GNOME, KDE, and XFCE and uses time and access Linux PAM modules. It is currently limited to Ubuntu only.