On 08/22/2014 09:56 AM, Tyler Mace wrote:
> It's working now! Here's what I had to do:
> setsebool -P httpd_unified 1
> Is this approach overly permissive? I was surprised that it was all I
> had to do.

This is basically an "allow-all" option for httpd. It's fine if Review
Board is the only thing being served by httpd on this system (such as in
a dedicated VM or container). If you have other web services on this
machine, it means that an exploit in one of them could potentially gain
access to the others.

Get the Review Board Power Pack at http://www.reviewboard.org/powerpack/
Sign up for Review Board hosting at RBCommons: https://rbcommons.com/
Happy user? Let us know at http://www.reviewboard.org/users/
You received this message because you are subscribed to the Google Groups 
"reviewboard" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to reviewboard+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to