[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: How do I tell if SELinux is working?

From: Colin Walters <walters redhat com>
To: Jon August <jon internection com>
Cc: fedora-selinux-list redhat com
Subject: Re: How do I tell if SELinux is working?
Date: Wed, 22 Jun 2005 19:29:15 -0400

On Wed, 2005-06-22 at 18:45 -0400, Jon August wrote:
> httpd is running with type:
> 
> root:system_r:unconfined_t
> 
> What does this mean?  Is httpd a vulnerability on this machine?

This means that httpd is not confined by the SELinux policy.  This means
you have less protection against a compromise or misconfiguration of
httpd or CGI scripts.

Since the default is for it to be enabled, someone (possibly you)
disabled SELinux protection for httpd; you can reenable it by using
system-config-securitylevel (or 
"setsebool -P httpd_disable_trans=false").

Follow-Ups:
- Re: How do I tell if SELinux is working?
  - From: Jon August

References:
- How do I tell if SELinux is working?
  - From: Jon August
- Re: How do I tell if SELinux is working?
  - From: Colin Walters
- Re: How do I tell if SELinux is working?
  - From: Jon August

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]