[CentOS] SELinux - way of the future or good idea but !!!
Christopher Chan
christopher.chan at bradbury.edu.hk
Tue Nov 30 22:18:04 UTC 2010
On Wednesday, December 01, 2010 04:54 AM, m.roth at 5-cent.us wrote:
> And about apache... most of those attacks are preventable through
> defensive configuration and coding for httpd itself. Looking to selinux to
> protect you is very sloppy.
The key word is most. If one bothered to go through all the steps to
lock down apache, one can also bother to apply the similar stuff with
SELinux which would be must more comprehensive and take care of the
other 1% or whatever cases too.
More information about the CentOS
mailing list