JP Vossen on 28 Aug 2017 19:49:14 -0700


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] SELinux Talk a Central


On 08/28/2017 09:22 PM, Ronald P Guilmet wrote:
I was asked to provide a blurb of the upcoming talk.

There is a common thing of disabling SELinux and continuing on. This, however, is not best practice in production. SELinux solves a particular problem. Think of it as an application firewall. If your server is compromised by an exploit for httpd or sftp, for example, that exploit will have access to anything that service owns. We will look at how a (type) context is assigned to a service or directory allowing or denying access. I'm not big on slides, so I plan to do most of this from the keyboard.

Ron, would you bring this around to West or North also?

Thanks,
JP
--  -------------------------------------------------------------------
JP Vossen, CISSP | http://www.jpsdomain.org/ | http://bashcookbook.com/
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug