user home - disable execution - selinux-policy-3.0.3-6

Daniel J Walsh dwalsh at redhat.com
Wed Jul 25 12:51:51 UTC 2007 

Hal wrote:
> Sorry, but I can not find selinux-policy-3.0.3-6 anywhere. Would you give me a
> link?
>
> Hal
>
>
> --- Daniel J Walsh <dwalsh at redhat.com> wrote:
>
>   
>> Hal wrote:
>>     
>>> Hi all
>>>
>>> I am new to selinux and I want to use it to acheive 3 main goals:
>>> 1. disable execution of any executables located in users' home dir trees.
>>> 2. disable users to see what other users exist on the system.
>>> 3. disable users to see who is logged in and what processes is running.
>>>
>>> Does anybody have any policy modules doing something similar? I 
>>> need a starting point. A clue, what ever to point me the right direction.
>>> I have been reading "Selinux by example" and "SELINUX NSA'a open source
>>> Security Enhabced linux" but both books seem quite out of date. All I have
>>> learned is
>>> how to write useless rules, because I do not know how to make a modile how
>>>       
>> to
>>     
>>> use module to override the default policy etc. 
>>>
>>> Thanks in advance!
>>>
>>> Hal  
>>>
>>>   
>>>       
>> I have just rebuilt rawhide policy and by default guest/xguest users 
>> will give you exactly what you request.
>>
>> selinux-policy-3.0.3-6
>>     
>>>        
>>>
>>>       
> ____________________________________________________________________________________
>   
>>> Building a website is a piece of cake. Yahoo! Small Business gives you all
>>>       
>> the tools to get online.
>>     
>>> http://smallbusiness.yahoo.com/webhosting 
>>>
>>> --
>>> fedora-selinux-list mailing list
>>> fedora-selinux-list at redhat.com
>>> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
>>>   
>>>       
>>     
>
>
>
>       ____________________________________________________________________________________
> Luggage? GPS? Comic books? 
> Check out fitting gifts for grads at Yahoo! Search
> http://search.yahoo.com/search?fr=oni_on_mail&p=graduation+gifts&cs=bz
>   
It should be in today's rawhide.  You can also grab it at 
http://people.redhat.com/dwalsh/SELinux/Fedora

More information about the fedora-selinux-list mailing list