ronpguilmet on 28 Aug 2017 19:54:42 -0700


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] SELinux Talk a Central


Absolutely 



Sent from my T-Mobile 4G LTE Device

-------- Original message --------
From: JP Vossen <jp@jpsdomain.org>
Date: 8/28/17 10:49 PM (GMT-05:00)
To: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>
Subject: Re: [PLUG] SELinux Talk a Central

On 08/28/2017 09:22 PM, Ronald P Guilmet wrote:
> I was asked to provide a blurb of the upcoming talk.
>
> There is a common thing of disabling SELinux and continuing on. This,
> however, is not best practice in production. SELinux solves a particular
> problem. Think of it as an application firewall. If your server is
> compromised by an exploit for httpd or sftp, for example, that exploit
> will have access to anything that service owns. We will look at how a
> (type) context is assigned to a service or directory allowing or denying
> access. I'm not big on slides, so I plan to do most of this from the
> keyboard.

Ron, would you bring this around to West or North also?

Thanks,
JP
--  -------------------------------------------------------------------
JP Vossen, CISSP | http://www.jpsdomain.org/ | http://bashcookbook.com/
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug