fapolicyd - File Access Policy Daemon


The latest source code was released on Apr 29, 2024



This is the project page and source code distribution location for the fapolicyd application whitelisting daemon. Application whitelisting is a system integrity technique whereby applications that are known by some reputation source are permitted to execute or open certain files. Applications that unknown by the reputation source are not allowed to execute. Currently, reputation sources could be the rpm databases or an admin defined trusted files.

The default policy is designed with a couple goals in mind:

  • No bypass of security by executing programs via ld.so.
  • Anything requesting execution must be trusted.
  • Any library or interpretted language application or module must be trusted.


Source code on Github