On Fri, Jul 31, 2009 at 1:07 PM, Boris Epstein<borepstein at gmail.com> wrote: > I am running mod_security and also if the intruder gets to the shell > level they will be able to bypass the SELinux entirely. I believe in > security too but security should not be crippling. Agreed, however your statement is contradictory. A person not versed in iptables would find the default firewall crippling when attempting to run apache. By your logic, they should disable the firewall? -- During times of universal deceit, telling the truth becomes a revolutionary act. George Orwell