user home - disable execution
Daniel J Walsh
dwalsh at redhat.com
Tue Jul 24 20:44:43 UTC 2007
Hal wrote:
> Hi all
>
> I am new to selinux and I want to use it to acheive 3 main goals:
> 1. disable execution of any executables located in users' home dir trees.
> 2. disable users to see what other users exist on the system.
> 3. disable users to see who is logged in and what processes is running.
>
> Does anybody have any policy modules doing something similar? I
> need a starting point. A clue, what ever to point me the right direction.
> I have been reading "Selinux by example" and "SELINUX NSA'a open source
> Security Enhabced linux" but both books seem quite out of date. All I have
> learned is
> how to write useless rules, because I do not know how to make a modile how to
> use module to override the default policy etc.
>
> Thanks in advance!
>
> Hal
>
>
I have just rebuilt rawhide policy and by default guest/xguest users
will give you exactly what you request.
selinux-policy-3.0.3-6
>
> ____________________________________________________________________________________
> Building a website is a piece of cake. Yahoo! Small Business gives you all the tools to get online.
> http://smallbusiness.yahoo.com/webhosting
>
> --
> fedora-selinux-list mailing list
> fedora-selinux-list at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
>
More information about the fedora-selinux-list
mailing list