On 11/29/10 8:10 PM, Christopher Chan wrote: > >> Yes, if you are concerned about security of certain files it is indeed a >> good idea to run software you don't trust elsewhere. And if the problem >> is not trusting software, why are you putting blind faith in the SELinux >> code? > > Oh certainly. That is why there is a separate SELinux user context for > apache too. > Blind faith in SELinux code? Hey, let's not run anything at all then. > SELinux provides an extra layer of security to use against exploits that may > go beyond what we can do with the usual posix provisions. I do not see why > you have a problem with it. Not so much a problem - I'm just saying that you should do the simple things that have always worked first, then add SELinux if you want. -- Les Mikesell lesmikesell@xxxxxxxxx _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos