applying SELinux policy for httpd
Stephen Smalley
sds at tycho.nsa.gov
Thu Nov 3 14:27:51 UTC 2005
On Thu, 2005-11-03 at 14:22 +0000, Joe Orton wrote:
> What's the problem for CGI scripts, I'm not sure what you're referring
> to here?
A similar issue exists for them: whether or not to transition them into
their separate domains by default when a user runs them directly. As
with httpd, they lose access to the tty in that case, and thus cannot
display diagnostics. runcon can be used to force the desired behavior
regardless of the default.
--
Stephen Smalley
National Security Agency
More information about the selinux
mailing list