diff --git a/booleans-targeted.conf b/booleans-targeted.conf
index 13216fa..a2e988c 100644
--- a/booleans-targeted.conf
+++ b/booleans-targeted.conf
@@ -1,6 +1,6 @@
 # Allow making anonymous memory executable, e.g.for runtime-code generation or executable stack.
 # 
-allow_execmem = true
+allow_execmem = false
 
 # Allow making a modified private filemapping executable (text relocation).
 # 
diff --git a/selinux-policy.spec b/selinux-policy.spec
index f6e85c1..8ddba8c 100644
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@@ -16,7 +16,7 @@
 Summary: SELinux policy configuration
 Name: selinux-policy
 Version: 2.2.38
-Release: 3
+Release: 4
 License: GPL
 Group: System Environment/Base
 Source: serefpolicy-%{version}.tgz
@@ -335,6 +335,10 @@ semodule -b base.pp -r bootloader -r clock -r dpkg -r fstools -r hotplug -r init
 %endif
 
 %changelog
+* Thu May 11 2006 Dan Walsh <dwalsh@redhat.com> 2.2.38-4
+- Turn off allow_execmem boolean
+- Allow ftp dac_override when allowed to access users homedirs
+
 * Wed May 10 2006 Dan Walsh <dwalsh@redhat.com> 2.2.38-3
 - Clean up spec file
 - Transition from unconfined_t to prelink_t