ronpguilmet on 28 Aug 2017 19:54:42 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] SELinux Talk a Central


Sent from my T-Mobile 4G LTE Device

-------- Original message --------
From: JP Vossen <>
Date: 8/28/17 10:49 PM (GMT-05:00)
To: Philadelphia Linux User's Group Discussion List <>
Subject: Re: [PLUG] SELinux Talk a Central

On 08/28/2017 09:22 PM, Ronald P Guilmet wrote:
> I was asked to provide a blurb of the upcoming talk.
> There is a common thing of disabling SELinux and continuing on. This,
> however, is not best practice in production. SELinux solves a particular
> problem. Think of it as an application firewall. If your server is
> compromised by an exploit for httpd or sftp, for example, that exploit
> will have access to anything that service owns. We will look at how a
> (type) context is assigned to a service or directory allowing or denying
> access. I'm not big on slides, so I plan to do most of this from the
> keyboard.

Ron, would you bring this around to West or North also?

--  -------------------------------------------------------------------
JP Vossen, CISSP | |
Philadelphia Linux Users Group         --
Announcements -
General Discussion  --
Philadelphia Linux Users Group         --
Announcements -
General Discussion  --