Why do I need SELinux?
David Cary Hart
Fedora at TQMcube.com
Sat Feb 19 21:33:35 UTC 2005
On Sat, 2005-02-19 at 13:48 -0700, James McKenzie wrote:
> Apache servers have been 'cracked' and taken over for purposes other
> than intended. Never run httpd as root
apache:apache. No access outside of the web root.
> unless you really, really need to.
> As far as using SELinux and given your situation, I would HIGHLY
> recommend it. It is another layer of host based security. You can have
> a firewall, and it can be breached, leaving your system vulnerable. It
I know but every experiment on another machine has yielded unexpected
results. It's on my list of TODOs (to fully understand SEL). One thing I
have learned is NEVER to use what I don't fully understand. SELinux is
like Talmudic study to me at this point.
--
Total Quality Management - A Commitment to Excellence
Fight Spam: http://www.tqmcube.com/rbldnsd.htm
Daily Updates: http://www.tqmcube.com/spam_trap.htm
More information about the fedora-list
mailing list