user home - disable execution

Daniel J Walsh dwalsh at
Tue Jul 24 20:44:43 UTC 2007

Hal wrote:
> Hi all
> I am new to selinux and I want to use it to acheive 3 main goals:
> 1. disable execution of any executables located in users' home dir trees.
> 2. disable users to see what other users exist on the system.
> 3. disable users to see who is logged in and what processes is running.
> Does anybody have any policy modules doing something similar? I 
> need a starting point. A clue, what ever to point me the right direction.
> I have been reading "Selinux by example" and "SELINUX NSA'a open source
> Security Enhabced linux" but both books seem quite out of date. All I have
> learned is
> how to write useless rules, because I do not know how to make a modile how to
> use module to override the default policy etc. 
> Thanks in advance!
> Hal  
I have just rebuilt rawhide policy and by default guest/xguest users 
will give you exactly what you request.

> ____________________________________________________________________________________
> Building a website is a piece of cake. Yahoo! Small Business gives you all the tools to get online.
> --
> fedora-selinux-list mailing list
> fedora-selinux-list at

More information about the fedora-selinux-list mailing list