[CentOS] SELinux - way of the future or good idea but !!!
eero.volotinen at iki.fi
Sat Nov 27 01:29:49 UTC 2010
>> Just turn selinux off. setenforce "0" works without rebooting server,
>> but /etc/sysconfig/selinux is correct place to finalize setting..
> What's with people recommending to turn off SELinux?! That's just bad
> advice and like recommending people keep their doors unlocked at all
> times. Really, stop doing that. SELinux is there for a reason.
Usually it causes more problems. If you have unlimited resources to tune it up,
then it possibly helps on the way.
> My advice to Alison is to remove Webmin and use the tools that come with
> CentOS 5.5. Also make sure that phpMyAdmin can only be accessed from
> your local LAN, use strong passwords, turn on a tight firewall and do
.. and disable password authentication on sshd server.
> anything else that one should do to keep the bad guys from gaining
> illegal access to your server.
> The NSA has some nice guides how to keep your server secure. The guides
> are on this page:
More information about the CentOS