Is my SELinux configuration wrong and dangerous?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello,
I'm using CentOS 8 as a web server that hosting a WordPress website. I have two questions. 
1- I defined SELinux for WordPress directory as below:

# ls -lZ /var/www/
drwxrwxr-x. 7 apache apache unconfined_u:object_r:httpd_sys_rw_content_t:s0 4096 Sep 19 23:37 wp

I created an account for a remote developer that working on WordPress. On some websites, I saw that the OK permission for
wp directory is "httpd_sys_r_content_t" and not "httpd_sys_rw_content_t" and someone recommended to back permission via below command:

# restorecon -rv /var/www/wp

Is it true? Is "httpd_sys_rw_content_t" a dangerous permission and can lead to hacking?

2- WordPress can't update and showed me "cURL Error (7): couldn't connect to host" error. I did below command to solve it:

# setsebool -P httpd_can_network_connect on

Can this command make Apache insecure and must I turn it to "off" ?


Thank you.
_______________________________________________
selinux mailing list -- selinux@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to selinux-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/selinux@xxxxxxxxxxxxxxxxxxxxxxx

[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux