Gavin W. Burris on 29 Aug 2017 06:15:21 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] SELinux Talk a Central

Hi, Ron.

This is very timely, as I am cobbling together an SELinux presentation, too.  Count on me to attend.  Would you like me to show custom policies and how to manage SELinux through Ansible?


On Mon 08/28/17 09:22PM EDT, Ronald P Guilmet wrote:
> I was asked to provide a blurb of the upcoming talk.
> There is a common thing of disabling SELinux and continuing on. This,
> however, is not best practice in production. SELinux solves a particular
> problem. Think of it as an application firewall. If your server is
> compromised by an exploit for httpd or sftp, for example, that exploit will
> have access to anything that service owns. We will look at how a (type)
> context is assigned to a service or directory allowing or denying access.
> I'm not big on slides, so I plan to do most of this from the keyboard.
> Enjoy
> -- 
> Ron Guilmet

> ___________________________________________________________________________
> Philadelphia Linux Users Group         --
> Announcements -
> General Discussion  --

Gavin W. Burris
Senior Project Leader for Research Computing
The Wharton School
University of Pennsylvania
Search our documentation:
Subscribe to the Newsletter:
Philadelphia Linux Users Group         --
Announcements -
General Discussion  --