> On Aug 20, 2016, at 15:00, Walter H. <Walter.H@xxxxxxxxxxxxxxxxx> wrote: > > Hello, > > how could it be achieved to run > e.g. > shutdown -h now > from a CGI script on a system where SELinux is set to ENFORCING? Short answer: don't. You could probably create a custom selinux policy that allowed it but you'd be opening your system up to more security issues. If it were me, I'd have the cgi drop a file in a known location, and have an external process (possibly started through cron) monitor the file, then run shutdown conditionally. -- Jonathan Billings _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx https://lists.centos.org/mailman/listinfo/centos
Re: running CGI scripts with SELinux=ENFORCING with priviledged commands ...
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- Subject: Re: running CGI scripts with SELinux=ENFORCING with priviledged commands ...
- From: Jonathan Billings <billings@xxxxxxxxxx>
- Date: Sat, 20 Aug 2016 17:59:49 -0400
- Delivered-to: centos@xxxxxxxxxx
- In-reply-to: <57B8A8D3.2060901@mathemainzel.info>
- References: <57B8A8D3.2060901@mathemainzel.info>
- Follow-Ups:
- References:
- Prev by Date: Re: Canon scanner LiDE 220
- Next by Date: Re: Canon scanner LiDE 220
- Previous by thread: running CGI scripts with SELinux=ENFORCING with priviledged commands ...
- Next by thread: Re: running CGI scripts with SELinux=ENFORCING with priviledged commands ...
- Index(es):
 |