user home - disable execution
Daniel J Walsh
dwalsh at redhat.com
Tue Jul 24 20:44:43 UTC 2007
> Hi all
> I am new to selinux and I want to use it to acheive 3 main goals:
> 1. disable execution of any executables located in users' home dir trees.
> 2. disable users to see what other users exist on the system.
> 3. disable users to see who is logged in and what processes is running.
> Does anybody have any policy modules doing something similar? I
> need a starting point. A clue, what ever to point me the right direction.
> I have been reading "Selinux by example" and "SELINUX NSA'a open source
> Security Enhabced linux" but both books seem quite out of date. All I have
> learned is
> how to write useless rules, because I do not know how to make a modile how to
> use module to override the default policy etc.
> Thanks in advance!
I have just rebuilt rawhide policy and by default guest/xguest users
will give you exactly what you request.
> Building a website is a piece of cake. Yahoo! Small Business gives you all the tools to get online.
> fedora-selinux-list mailing list
> fedora-selinux-list at redhat.com
More information about the fedora-selinux-list