-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Per Sjoholm wrote: > I would like to lock down different web apps run by httpd(apache). > As it is today only way to let MoinMoin send email is to allow all to > use sendmail. > I use a db and that means that every application is allow to ... > > Is it possible to have httpd confined and only open needed net resources > for certain > apps ? > To use some form of m4 macro. > /var/www/moin/xyx/cgi-bin/moin.cgi -> httpd-xyz_t > /var/www/moin/xxx/cgi-bin/moin.cgi -> httpd-xxx_t > Well you could write your own policy for the cgi yes. system-config-selinux/polgengui makes this fairly easy. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iD8DBQFHHPwWrlYvE4MpobMRAgLkAJ9hiTquSjtv5TdcPQerP6Mmsk1kLACgkt1M NrUlW/XKy3wWO+ZPZ9VhEHA= =UdbV -----END PGP SIGNATURE----- -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
