default user context on

seth vidal skvidal at
Tue Mar 27 21:17:32 UTC 2012

We are debating the default user context for

Right now users are unconfined_t.
This would, ostensibly, let them do a lot. However, we have
fedorapeople set up to isolate user tempdirs and every place a user can
write to is mounted noexec,nosuid - so there is no place to run
anything that isn't already on the system.

We're wondering if we should move them to either:




User_t sets:
 X Windows Login and terminal login, nosetuid, noexec in homedir

As we have things currently configured this would not involve much in
the way of a change to how users can operate on

Guest_t sets:
 Terminal login, nosetuid, nonetwork, noxwindows, noexec in homedir

X is not really an issue, obviously. So the big difference here is that
outbound network connections would not be allowed with guest_t.

The debate is really over network access. We know that some folks
tunnel through for irc and they login there to rsync
things to this space for personal hosting, etc.

So there are some legit reasons for outbound network connections.
However, it is not obvious that those reasons are within the scope
for what is supposed to be used.

And that is the more or less it - does anyone have any


More information about the infrastructure mailing list