> > > It looks like the combination of SELinux and mod_security will cover the > > > range of exploits as long as we have policy that covers all the > > > approaches in both SELinux and mod_security. > > > > One thing Fedora has is expertise in writing SELinux policy. A working > > SELinux policy would be a good contribution to an upstream. > > SELinux can't help with XSS attacks. I think the main problem with php is that it's not strongly typed and very tollerant of programatical errors. I think that's one of the reasons php is so popular, and one of the reasons we need to keep saying no to php. -- Matthew Galgoci Network Operations Red Hat, Inc 919.754.3700 x44155 _______________________________________________ Fedora-infrastructure-list mailing list Fedora-infrastructure-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list