diff --git a/refpolicy/Changelog b/refpolicy/Changelog
index b9e316e..c3fe2dc 100644
--- a/refpolicy/Changelog
+++ b/refpolicy/Changelog
@@ -1,3 +1,4 @@
+- Remove allow_execmem from targeted policy domain_base_type().
 - Add users_extra and seusers support.
 - Postfix fixes from Serge Hallyn.
 - Run python and shell directly to interpret scripts so policy
diff --git a/refpolicy/policy/modules/kernel/domain.if b/refpolicy/policy/modules/kernel/domain.if
index add7aa3..510a0dd 100644
--- a/refpolicy/policy/modules/kernel/domain.if
+++ b/refpolicy/policy/modules/kernel/domain.if
@@ -40,10 +40,6 @@ interface(`domain_base_type',`
 	allow $1 self:process { fork sigchld };
 
 	ifdef(`targeted_policy',`
-		tunable_policy(`allow_execmem',`
-			allow $1 self:process execmem;
-		')
-
 		# FIXME:
 		# hack until role dominance is fixed in
 		# the module compiler