[prev in list] [next in list] [prev in thread] [next in thread]
List: selinux
Subject: Re: Apache on FedoraCore1(Was Re: log_domain macro)
From: Russell Coker <russell () coker ! com ! au>
Date: 2003-12-23 9:45:22
[Download RAW message or body]
On Tue, 23 Dec 2003 20:45, Yuichi Nakamura <himainu_ynakam@yahoo.co.jp> wrote:
> Russell Coker <russell@coker.com.au> wrote:
> > allow httpd_t httpd_t:netlink_socket { bind create getattr read write };
> > What is the reason for the above?
>
> It is added by using audit2allow.
> Apache seems to work without it,
> but in some case these permissions may be required.
> I don't know whether Apache really requires these permissions.
Until we know why Apache does that I will leave it out of my tree. I suspect
that you have some Apache module loaded which does it.
--
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic