Re: Why do I need SELinux?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sat, 2005-02-19 at 13:48 -0700, James McKenzie wrote:

> Apache servers have been 'cracked' and taken over for purposes other 
> than intended.  Never run httpd as root 

apache:apache. No access outside of the web root.

> unless you really, really need to.
> As far as using SELinux and given your situation, I would HIGHLY 
> recommend it.  It is another layer of host based security.  You can have 
> a firewall, and it can be breached, leaving your system vulnerable.  It 

I know but every experiment on another machine has yielded unexpected
results. It's on my list of TODOs (to fully understand SEL). One thing I
have learned is NEVER to use what I don't fully understand. SELinux is
like Talmudic study to me at this point.
-- 

         Total Quality Management - A Commitment to Excellence
Fight Spam: http://www.tqmcube.com/rbldnsd.htm
Daily Updates: http://www.tqmcube.com/spam_trap.htm


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux