On Mon, Aug 15, 2005 at 11:21:51AM -0400, Daniel J Walsh wrote: > Latest policy has > > can_ldap(httpd_t) which should allow httpd scripts to connect to the > ldap port. Could I give a similar connect to mysql to solve your problem? That won't fix (2) or (3), either of which alone would be sufficient justification to enable the boolean by default: reminder for 2 and 3: 2) all mod_proxy configurations (reverse proxy, forward proxy) 3) the parent connect()-to-listening-port "reap idle children" interface, which has the impact: joe -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-selinux-list
