On Mon, 21 Mar 2005 23:13:42 -0800, Ben <bench@xxxxxxxxxxxxxxx> wrote: > I would like to use SELinux, but there's "like" and "need", and right > now I need to get this working. So, if there's no quick fix, is there a > way to disable SELinux on just this one CGI, do I have to disable it > for all of apache? Look into audit2allow(8). While using this tool to get your CGI working will remove the same protection on other CGI scripts, you'll be able to maintain some modicum of SELinux protection other than what you're turning off to get this working. Even if your final result is "less secure" than running the full policy, it will be "more secure" than disabling SELinux entirely. -- Chris "Build a man a fire and he will be warm for the rest of the night. Set a man on fire and he will be warm for the rest of his life." -- Unknown
