On Tuesday 12 August 2008 15:44, Jancio Wodnik wrote: > Hm. And what about selinux and httpd ? Selinux is securing httpd from > this attacks, right ? Selinux was disabled ? good point, SElinux is set to permissive on this system because we had to get up and running in a hurry and support a lot of legacy apps that do unusual things. apache needs to read/write various config and include files that are in non-standard locations. We tried it enabled and nothing worked. in the audit.log I am seeing where it wanted to deny the bot a tcp_socket. So that would have been good :/ Maybe enabling selinux but leaving httpd opened up would be appropriate for the time being. Is that possible or advisable? audit2allow wants to allow a lot of things. _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
Re: mystery process "unit"
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- To: CentOS mailing list <centos@xxxxxxxxxx>
- Subject: Re: mystery process "unit"
- From: sbeam <sbeam@xxxxxxxxxxxxxx>
- Date: Tue, 12 Aug 2008 16:42:27 -0400
- Delivered-to: centos@xxxxxxxxxx
- In-reply-to: <48A1E830.2090703@xxxxx>
- References: <200808120856.20749.sbeam@xxxxxxxxxxxxxx> <200808121002.43257.sbeam@xxxxxxxxxxxxxx> <48A1E830.2090703@xxxxx>
- User-agent: KMail/1.9.4
- Follow-Ups:
- Re: mystery process "unit"
- From: Ned Slider
- Re: mystery process "unit"
- References:
- mystery process "unit"
- From: sbeam
- Re: mystery process "unit"
- From: sbeam
- Re: mystery process "unit"
- From: Jancio Wodnik
- mystery process "unit"
- Prev by Date: bind-9.3.4-6.0.2.P1.el5_2 and rrset-order: order 'fixed' not fully implemented
- Next by Date: Looking for remote console on iPv6 without security layer
- Previous by thread: Re: mystery process "unit"
- Next by thread: Re: mystery process "unit"
- Index(es):
 |