No i am not using the strict policy because the xserver will not start after applying the policy and rebooting for relabelling. I am currently enforcing the targetted policy. On 7/13/05, Daniel J Walsh <dwalsh@xxxxxxxxxx> wrote: > Mathew Pullar wrote: > > >Hi, > >I have just started to experiment with selinux and noticed the "User > >Privs" section in system-config-securitylevel-gui and unticked allow > >users to ping and allow users to read default system files. I then > >created a new normal user account to test the changes i had made. > >The new user was able to ping to and to read default system files such > >as /etc/inittab. > >I then thought perhaps relabelling was required so rebooted and > >relabeled. This however still allowed normal users to ping. > >My current selinux config is set to enabled and enforcing. > >Any help would be greatly appreciated. > > > Are you running strict policy? > > default system files are files that are marked with file context > default_t. You should not > have many of them on the system. > Dan