Re: Apache not liking directories outside of /var/www

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

On Fri, Jul 31, 2009 at 12:35 PM, Boris Epstein<borepstein@xxxxxxxxx> wrote:

> I found an even simplier solution - disabled SELinux. I've got a
> firewall and that is plenty.

No. It's really not. If someone exploits apache, or php, they'll be
coming in via port 80 or 443 which your firewall has helpfully allowed
so that you can run your server. The vast majority of successful
penetrations I've seen are of two types. Brute ssh attacks, and
apache/php exloits.   If you were running mod_security, that might be
slightly more analogous to selinux. I really don't recommend that
people disable selinux simply because they can't be bothered to learn
it.

Real world reasons for selinux on web servers ->
http://www.linuxjournal.com/article/9176


-- 
During times of universal deceit, telling the truth becomes a revolutionary act.
George Orwell
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux