How do I tell if SELinux is working?
Jon August
jon at internection.com
Thu Jun 23 02:14:17 UTC 2005
Would compiling my own version of apache and installing it myself
rather than using yum, for example, to install it result in a
unconfined httpd?
On Jun 22, 2005, at 7:29 PM, Colin Walters wrote:
> On Wed, 2005-06-22 at 18:45 -0400, Jon August wrote:
>
>
>> httpd is running with type:
>>
>> root:system_r:unconfined_t
>>
>> What does this mean? Is httpd a vulnerability on this machine?
>>
>>
>
> This means that httpd is not confined by the SELinux policy. This
> means
> you have less protection against a compromise or misconfiguration of
> httpd or CGI scripts.
>
> Since the default is for it to be enabled, someone (possibly you)
> disabled SELinux protection for httpd; you can reenable it by using
> system-config-securitylevel (or
> "setsebool -P httpd_disable_trans=false").
>
>
>
More information about the fedora-selinux-list
mailing list