Comment # 3 on bug 1206292 from Filippo Bonazzi

To be even more specific than that: the booleans that are being discussed
(selinuxuser_execmod, selinuxuser_execstack)[0] IMO are generally dangerous and
not required by normal applications doing normal stuff.

E.g. from the selinux manpage:

> If you want to allow unconfined executables to make their stack executable.
> This should never, ever be necessary. Probably indicates a badly coded
> executable, but could indicate an attack. This executable should be reported
> in bugzilla, you must turn on the selinuxuser_execstack boolean.
>
> setsebool -P selinuxuser_execstack 1

That is why they are not set by default. The default settings are picked to
provide as good protection as possible for most people.

If the specific application you are trying to run requires this to work, you
can set these booleans on your system.

[0] https://en.opensuse.org/Portal:MicroOS/Desktop