[CentOS] mystery process "unit"

Tue Aug 12 20:42:27 UTC 2008
sbeam <sbeam at onsetcorps.net>

On Tuesday 12 August 2008 15:44, Jancio Wodnik wrote:
> Hm. And what about selinux and httpd ? Selinux is securing httpd from
> this attacks, right ? Selinux was disabled ?

good point, SElinux is set to permissive on this system because we had to get 
up and running in a hurry and support a lot of legacy apps that do unusual 
things. apache needs to read/write various config and include files that are 
in non-standard locations. We tried it enabled and nothing worked.

in the audit.log I am seeing where it wanted to deny the bot a tcp_socket. So 
that would have been good :/

Maybe enabling selinux but leaving httpd opened up would be appropriate for 
the time being. Is that possible or advisable? audit2allow wants to allow a 
lot of things.