How do I tell if SELinux is working?

Colin Walters walters at
Wed Jun 22 23:29:15 UTC 2005

On Wed, 2005-06-22 at 18:45 -0400, Jon August wrote:
> httpd is running with type:
> root:system_r:unconfined_t
> What does this mean?  Is httpd a vulnerability on this machine?

This means that httpd is not confined by the SELinux policy.  This means
you have less protection against a compromise or misconfiguration of
httpd or CGI scripts.

Since the default is for it to be enabled, someone (possibly you)
disabled SELinux protection for httpd; you can reenable it by using
system-config-securitylevel (or 
"setsebool -P httpd_disable_trans=false").

More information about the fedora-selinux-list mailing list