|Ronald P Guilmet on 29 Aug 2017 09:31:39 -0700|
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
|Re: [PLUG] SELinux Talk a Central|
This is very timely, as I am cobbling together an SELinux presentation, too. Count on me to attend. Would you like me to show custom policies and how to manage SELinux through Ansible?
On Mon 08/28/17 09:22PM EDT, Ronald P Guilmet wrote:
> I was asked to provide a blurb of the upcoming talk.
> There is a common thing of disabling SELinux and continuing on. This,
> however, is not best practice in production. SELinux solves a particular
> problem. Think of it as an application firewall. If your server is
> compromised by an exploit for httpd or sftp, for example, that exploit will
> have access to anything that service owns. We will look at how a (type)
> context is assigned to a service or directory allowing or denying access.
> I'm not big on slides, so I plan to do most of this from the keyboard.
> Ron Guilmet
> Philadelphia Linux Users Group -- http://www.phillylinux.org
> Announcements - http://lists.phillylinux.org/
> General Discussion -- http://lists.phillylinux.org/
Gavin W. Burris
Senior Project Leader for Research Computing
The Wharton School
University of Pennsylvania
Search our documentation: http://research-it.wharton.
Subscribe to the Newsletter: http://whr.tn/
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/
General Discussion -- http://lists.phillylinux.org/
___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug