Adding two new booleans to httpd to tighten it's security.
Ian Pilcher
i.pilcher at comcast.net
Sat Dec 10 19:05:26 UTC 2005
Daniel J Walsh wrote:
> Connecting to the local database should not be a problem, since that
> would be over a unix domain socket. Mail is currently shut off and you
> need to turn on boolean to allow it.
Please don't make this assumption. A lot of web application authors
don't bother to enable this (assuming that the database, the web
scripting language, and the connection software all support it), so it's
necessary to use a network connection over the loopback adapter.
--
========================================================================
Ian Pilcher i.pilcher at comcast.net
========================================================================
More information about the selinux
mailing list