On Sat, 23 Jan 2016 10:52:28 -0500 bruce <badouglas@xxxxxxxxx> wrote: [snip] > So, if I create an instance, spin it up, fire off my tests on the > instance, run everything for a few hours, and then shut it off, would > that be "reasonably safe/secure"? > > My testing apps are a mix of python/php/perl/shell scripts, there's no > web stuff as of yet. Although, there will be dns/nfs/mysql > functionality. For your use case, I would do it without a qualm, especially since you are isolated from the web. Once you connect to the web, you will have exposure, but even then, as you say, it will be minimal. And limited to the time you have the instance up. If you give it access to any vital data while it is up, it could be a slight risk. But, why do you have to disable SElinux? Are you building cracker suites? :-) Will your apps never run on systems that have SElinux enabled? Why not just put it in permissive mode, so it warns at violations, but doesn't stop them, if it is a concern? I'm not an expert, but in the wild, with internet facing apps, I think SElinux is a good thing to have enabled. Belt and suspenders, and all that. -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
