user home - disable execution - selinux-policy-3.0.3-6
Daniel J Walsh
dwalsh at redhat.com
Wed Jul 25 12:51:51 UTC 2007
Hal wrote:
> Sorry, but I can not find selinux-policy-3.0.3-6 anywhere. Would you give me a
> link?
>
> Hal
>
>
> --- Daniel J Walsh <dwalsh at redhat.com> wrote:
>
>
>> Hal wrote:
>>
>>> Hi all
>>>
>>> I am new to selinux and I want to use it to acheive 3 main goals:
>>> 1. disable execution of any executables located in users' home dir trees.
>>> 2. disable users to see what other users exist on the system.
>>> 3. disable users to see who is logged in and what processes is running.
>>>
>>> Does anybody have any policy modules doing something similar? I
>>> need a starting point. A clue, what ever to point me the right direction.
>>> I have been reading "Selinux by example" and "SELINUX NSA'a open source
>>> Security Enhabced linux" but both books seem quite out of date. All I have
>>> learned is
>>> how to write useless rules, because I do not know how to make a modile how
>>>
>> to
>>
>>> use module to override the default policy etc.
>>>
>>> Thanks in advance!
>>>
>>> Hal
>>>
>>>
>>>
>> I have just rebuilt rawhide policy and by default guest/xguest users
>> will give you exactly what you request.
>>
>> selinux-policy-3.0.3-6
>>
>>>
>>>
>>>
> ____________________________________________________________________________________
>
>>> Building a website is a piece of cake. Yahoo! Small Business gives you all
>>>
>> the tools to get online.
>>
>>> http://smallbusiness.yahoo.com/webhosting
>>>
>>> --
>>> fedora-selinux-list mailing list
>>> fedora-selinux-list at redhat.com
>>> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
>>>
>>>
>>
>
>
>
> ____________________________________________________________________________________
> Luggage? GPS? Comic books?
> Check out fitting gifts for grads at Yahoo! Search
> http://search.yahoo.com/search?fr=oni_on_mail&p=graduation+gifts&cs=bz
>
It should be in today's rawhide. You can also grab it at
http://people.redhat.com/dwalsh/SELinux/Fedora
More information about the fedora-selinux-list
mailing list