| Gavin W. Burris on 29 Aug 2017 06:15:21 -0700 |
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
| Re: [PLUG] SELinux Talk a Central |
Hi, Ron. This is very timely, as I am cobbling together an SELinux presentation, too. Count on me to attend. Would you like me to show custom policies and how to manage SELinux through Ansible? Cheers. On Mon 08/28/17 09:22PM EDT, Ronald P Guilmet wrote: > I was asked to provide a blurb of the upcoming talk. > > There is a common thing of disabling SELinux and continuing on. This, > however, is not best practice in production. SELinux solves a particular > problem. Think of it as an application firewall. If your server is > compromised by an exploit for httpd or sftp, for example, that exploit will > have access to anything that service owns. We will look at how a (type) > context is assigned to a service or directory allowing or denying access. > I'm not big on slides, so I plan to do most of this from the keyboard. > > Enjoy > > -- > Ron Guilmet > ___________________________________________________________________________ > Philadelphia Linux Users Group -- http://www.phillylinux.org > Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce > General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug -- Gavin W. Burris Senior Project Leader for Research Computing The Wharton School University of Pennsylvania Search our documentation: http://research-it.wharton.upenn.edu/about/ Subscribe to the Newsletter: http://whr.tn/ResearchNewsletterSubscribe ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug