On June 21, 2020 12:17:07 PM AKDT, Alain D D Williams <addw(a)phcomp.co.uk> wrote:
On Sun, Jun 21, 2020 at 08:06:40PM +0000, Jason Long wrote:
> Hello,I want to install Apache, MySQL and PHP on CentOS 8, but I
don't like to disable SELinux. I know that SELinux maybe cause some
problems
Yes. SELinux is supposed to cause problems for unauthorized intrusion, unnecessary
privilege elevation, etc.
At the same time, there's something a little bit too formulaic, "corporate"
perhaps, about the question as posted. It's a LAMP stack. The SELinux policies really
need to "just work" out of the box for the end user // installer // webmaster
without any additional configuration.
The CentOS distribution maintainers, developers, and software packagers,
https://ius.io/ etc. need to make it work somehow. There are far too many convenient
excuses why the security enhancements of SELinux are not working out of the box in this
day and age of botnets, spyware, Bitcoin miners, Unsolicited Commercial Email, etc.
My current website // email is to the best of my knowledge hosted on OpenVZ
paravirtualization at a commercial hosting provider, and OpenVZ does not appear to be
compatible with SELinux, although I have not researched the precise technicalities.
--
Sent from my Android device with K-9 Mail. Please excuse my brevity.