Hello, the guest_t type is allowed to browse directories labelled with admin_home_t but guest_t is not allowed to interact with any non-directory files labelled with admin_home_t. That looks inconsistent to me. Why should guest_t be allowed to enter directories labelled with admin_home_t but not interact with any other files? Is there a reasoning behind that (i.e. am I missing something) or should I file a bug report? In my opinion guest_t shouldn't be able to browse folders labelled with admin_home_t. Regards, Mario PS That is on a RHEL7 machine. -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
