#1  
Old 2nd February 2006, 05:52
webstergd webstergd is offline
Member
 
Join Date: Dec 2005
Location: Washington, DC
Posts: 53
Thanks: 0
Thanked 0 Times in 0 Posts
Default SE Linux?

What are the current plans for implementing SE Linux with ispconfig? most linux distro's support SE Linux and we would only need to create SE Linux context files. However, that is easier said then done. Once my work load lightens up I can start working on this for apache but until then if anyone is interested in starting this project please look at:

http://fedora.redhat.com/docs/selinux-apache-fc3/
Reply With Quote
Sponsored Links
  #2  
Old 2nd February 2006, 09:30
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,723 Times in 2,563 Posts
Default

Right now there are no plans for doing this. I think it will be very, very complex to inetgrate SELinux with ISPConfig as ISPConfig deals with so many services. This will be for very experienced sysadmins only...
But if you know an easy way how to do it, then we can try to implement it.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #3  
Old 2nd February 2006, 18:50
webstergd webstergd is offline
Member
 
Join Date: Dec 2005
Location: Washington, DC
Posts: 53
Thanks: 0
Thanked 0 Times in 0 Posts
 
Default stepping stones

I was thinking we could make stepping stones. Redhat allows your to be able to turn off deamons that are monitored by SE Linux. I am sure other os's have something close to that also. From there we could disable SE Linux and on most of the deamons our software is using and start with one deamon. Knock that out and more on from there.

As far as wirting the context tables...Apache shouldn't be that bad. MySQL should be very hard. The website I posted earlier should allow someone to make a simple context file for Apache. It would not be super "LOCKED DOWN," but it would still be much more secure.

Maybe we could post a request on sourceforge for an SE Linux expert. I could get something working but I am no expert.
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Linux for Newbies deantn Suggest HOWTO 5 30th May 2008 14:30
new to linux installing mandrake 10.2 jerrym Installation/Configuration 2 3rd February 2007 19:48
The ultimate Linux Workstation killfrog Suggest HOWTO 3 25th March 2006 16:06
SSL related problems senzapaura Installation/Configuration 45 25th March 2006 14:15
Lost arrived mails ManuelW Installation/Configuration 1 21st October 2005 00:21


All times are GMT +2. The time now is 22:25.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.